Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/nginx@0.7.67-3%2Bsqueeze4%2Bdeb6u1
Typedeb
Namespacedebian
Namenginx
Version0.7.67-3+squeeze4+deb6u1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.22.1-9+deb12u6
Latest_non_vulnerable_version1.26.3-3+deb13u4
Affected_by_vulnerabilities
0
url VCID-22cq-z7km-cfdc
vulnerability_id VCID-22cq-z7km-cfdc
summary SSL session reuse vulnerability
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23419.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23419.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-23419
reference_id
reference_type
scores
0
value 0.01164
scoring_system epss
scoring_elements 0.78694
published_at 2026-04-29T12:55:00Z
1
value 0.02857
scoring_system epss
scoring_elements 0.86393
published_at 2026-05-14T12:55:00Z
2
value 0.02857
scoring_system epss
scoring_elements 0.86326
published_at 2026-05-07T12:55:00Z
3
value 0.02857
scoring_system epss
scoring_elements 0.86343
published_at 2026-05-11T12:55:00Z
4
value 0.02857
scoring_system epss
scoring_elements 0.86304
published_at 2026-05-05T12:55:00Z
5
value 0.02857
scoring_system epss
scoring_elements 0.86276
published_at 2026-04-24T12:55:00Z
6
value 0.02857
scoring_system epss
scoring_elements 0.86285
published_at 2026-04-26T12:55:00Z
7
value 0.02857
scoring_system epss
scoring_elements 0.86355
published_at 2026-05-12T12:55:00Z
8
value 0.02857
scoring_system epss
scoring_elements 0.86346
published_at 2026-05-09T12:55:00Z
9
value 0.0383
scoring_system epss
scoring_elements 0.88157
published_at 2026-04-13T12:55:00Z
10
value 0.0383
scoring_system epss
scoring_elements 0.88105
published_at 2026-04-02T12:55:00Z
11
value 0.0383
scoring_system epss
scoring_elements 0.88121
published_at 2026-04-04T12:55:00Z
12
value 0.0383
scoring_system epss
scoring_elements 0.88128
published_at 2026-04-07T12:55:00Z
13
value 0.0383
scoring_system epss
scoring_elements 0.88147
published_at 2026-04-08T12:55:00Z
14
value 0.0383
scoring_system epss
scoring_elements 0.88153
published_at 2026-04-09T12:55:00Z
15
value 0.0383
scoring_system epss
scoring_elements 0.88163
published_at 2026-04-11T12:55:00Z
16
value 0.0383
scoring_system epss
scoring_elements 0.88156
published_at 2026-04-12T12:55:00Z
17
value 0.0383
scoring_system epss
scoring_elements 0.88171
published_at 2026-04-16T12:55:00Z
18
value 0.0383
scoring_system epss
scoring_elements 0.88169
published_at 2026-04-18T12:55:00Z
19
value 0.03942
scoring_system epss
scoring_elements 0.88353
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-23419
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23419
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23419
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2025/NYEUJX7NCBCGJGXDFVXNMAAMJDFSE45G.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2025/NYEUJX7NCBCGJGXDFVXNMAAMJDFSE45G.html
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1095403
reference_id 1095403
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1095403
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2344005
reference_id 2344005
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2344005
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-23419
reference_id CVE-2025-23419
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2025-23419
8
reference_url https://my.f5.com/manage/s/article/K000149173
reference_id K000149173
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-05T18:12:47Z/
url https://my.f5.com/manage/s/article/K000149173
9
reference_url https://access.redhat.com/errata/RHSA-2025:7331
reference_id RHSA-2025:7331
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7331
10
reference_url https://usn.ubuntu.com/7285-1/
reference_id USN-7285-1
reference_type
scores
url https://usn.ubuntu.com/7285-1/
11
reference_url https://usn.ubuntu.com/7285-2/
reference_id USN-7285-2
reference_type
scores
url https://usn.ubuntu.com/7285-2/
fixed_packages
0
url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3
purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2cu7-pyw5-t3dm
1
vulnerability VCID-3czf-dtzg-8kdm
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-fmvd-vyt7-mkfk
4
vulnerability VCID-kpjx-rrjs-subs
5
vulnerability VCID-sxf9-qr1j-u3et
6
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3
aliases CVE-2025-23419
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-22cq-z7km-cfdc
1
url VCID-36pf-ddpb-3khs
vulnerability_id VCID-36pf-ddpb-3khs
summary security update
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11724
reference_id
reference_type
scores
0
value 0.02474
scoring_system epss
scoring_elements 0.8543
published_at 2026-05-14T12:55:00Z
1
value 0.02474
scoring_system epss
scoring_elements 0.85392
published_at 2026-05-12T12:55:00Z
2
value 0.02474
scoring_system epss
scoring_elements 0.85203
published_at 2026-04-01T12:55:00Z
3
value 0.02474
scoring_system epss
scoring_elements 0.85215
published_at 2026-04-02T12:55:00Z
4
value 0.02474
scoring_system epss
scoring_elements 0.85233
published_at 2026-04-04T12:55:00Z
5
value 0.02474
scoring_system epss
scoring_elements 0.85235
published_at 2026-04-07T12:55:00Z
6
value 0.02474
scoring_system epss
scoring_elements 0.85257
published_at 2026-04-08T12:55:00Z
7
value 0.02474
scoring_system epss
scoring_elements 0.85266
published_at 2026-04-09T12:55:00Z
8
value 0.02474
scoring_system epss
scoring_elements 0.8528
published_at 2026-04-11T12:55:00Z
9
value 0.02474
scoring_system epss
scoring_elements 0.85278
published_at 2026-04-12T12:55:00Z
10
value 0.02474
scoring_system epss
scoring_elements 0.85275
published_at 2026-04-13T12:55:00Z
11
value 0.02474
scoring_system epss
scoring_elements 0.85296
published_at 2026-04-16T12:55:00Z
12
value 0.02474
scoring_system epss
scoring_elements 0.85297
published_at 2026-04-18T12:55:00Z
13
value 0.02474
scoring_system epss
scoring_elements 0.85294
published_at 2026-04-21T12:55:00Z
14
value 0.02474
scoring_system epss
scoring_elements 0.85317
published_at 2026-04-24T12:55:00Z
15
value 0.02474
scoring_system epss
scoring_elements 0.85326
published_at 2026-04-26T12:55:00Z
16
value 0.02474
scoring_system epss
scoring_elements 0.85325
published_at 2026-04-29T12:55:00Z
17
value 0.02474
scoring_system epss
scoring_elements 0.8534
published_at 2026-05-05T12:55:00Z
18
value 0.02474
scoring_system epss
scoring_elements 0.85366
published_at 2026-05-07T12:55:00Z
19
value 0.02474
scoring_system epss
scoring_elements 0.85384
published_at 2026-05-09T12:55:00Z
20
value 0.02474
scoring_system epss
scoring_elements 0.85379
published_at 2026-05-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11724
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11724
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11724
2
reference_url https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa
reference_id
reference_type
scores
url https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa
3
reference_url https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch
reference_id
reference_type
scores
url https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch
4
reference_url https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html
5
reference_url https://security.netapp.com/advisory/ntap-20210129-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210129-0002/
6
reference_url https://www.debian.org/security/2020/dsa-4750
reference_id
reference_type
scores
url https://www.debian.org/security/2020/dsa-4750
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964950
reference_id 964950
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964950
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-11724
reference_id CVE-2020-11724
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2020-11724
12
reference_url https://usn.ubuntu.com/5371-1/
reference_id USN-5371-1
reference_type
scores
url https://usn.ubuntu.com/5371-1/
13
reference_url https://usn.ubuntu.com/5371-3/
reference_id USN-5371-3
reference_type
scores
url https://usn.ubuntu.com/5371-3/
fixed_packages
0
url pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-9hzg-r1fj-pubf
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-c9ym-ckeq-63dq
6
vulnerability VCID-cbn4-utmp-n7ba
7
vulnerability VCID-dmv4-ydq9-a7eq
8
vulnerability VCID-eb23-pd25-yqg3
9
vulnerability VCID-kcsp-h1s5-wbea
10
vulnerability VCID-u8aq-2qhu-gff5
11
vulnerability VCID-wc3j-5xmu-kyex
12
vulnerability VCID-y3tg-7fge-1yfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4
1
url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-2cu7-pyw5-t3dm
2
vulnerability VCID-3czf-dtzg-8kdm
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-d1c6-dt2p-9kaa
6
vulnerability VCID-eb23-pd25-yqg3
7
vulnerability VCID-fmvd-vyt7-mkfk
8
vulnerability VCID-hemy-pnpj-sfg3
9
vulnerability VCID-kpjx-rrjs-subs
10
vulnerability VCID-sxf9-qr1j-u3et
11
vulnerability VCID-y3tg-7fge-1yfy
12
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3
aliases CVE-2020-11724
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-36pf-ddpb-3khs
2
url VCID-3ysf-pvuu-47bs
vulnerability_id VCID-3ysf-pvuu-47bs
summary nginx: HTTP request smuggling in configurations with URL redirect used as error_page
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20372.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20372.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-20372
reference_id
reference_type
scores
0
value 0.69321
scoring_system epss
scoring_elements 0.98668
published_at 2026-05-14T12:55:00Z
1
value 0.69737
scoring_system epss
scoring_elements 0.98652
published_at 2026-04-01T12:55:00Z
2
value 0.69737
scoring_system epss
scoring_elements 0.98653
published_at 2026-04-02T12:55:00Z
3
value 0.69737
scoring_system epss
scoring_elements 0.98656
published_at 2026-04-04T12:55:00Z
4
value 0.69737
scoring_system epss
scoring_elements 0.98659
published_at 2026-04-07T12:55:00Z
5
value 0.69737
scoring_system epss
scoring_elements 0.9866
published_at 2026-04-08T12:55:00Z
6
value 0.69737
scoring_system epss
scoring_elements 0.98661
published_at 2026-04-09T12:55:00Z
7
value 0.69737
scoring_system epss
scoring_elements 0.98664
published_at 2026-04-12T12:55:00Z
8
value 0.69737
scoring_system epss
scoring_elements 0.98665
published_at 2026-04-13T12:55:00Z
9
value 0.69737
scoring_system epss
scoring_elements 0.98668
published_at 2026-04-16T12:55:00Z
10
value 0.70833
scoring_system epss
scoring_elements 0.98703
published_at 2026-04-21T12:55:00Z
11
value 0.70833
scoring_system epss
scoring_elements 0.98708
published_at 2026-04-24T12:55:00Z
12
value 0.70833
scoring_system epss
scoring_elements 0.9871
published_at 2026-04-26T12:55:00Z
13
value 0.70833
scoring_system epss
scoring_elements 0.98712
published_at 2026-04-29T12:55:00Z
14
value 0.70833
scoring_system epss
scoring_elements 0.98716
published_at 2026-05-05T12:55:00Z
15
value 0.70833
scoring_system epss
scoring_elements 0.98718
published_at 2026-05-09T12:55:00Z
16
value 0.70833
scoring_system epss
scoring_elements 0.9872
published_at 2026-05-11T12:55:00Z
17
value 0.70833
scoring_system epss
scoring_elements 0.98721
published_at 2026-05-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-20372
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20372
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1790277
reference_id 1790277
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1790277
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948579
reference_id 948579
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948579
6
reference_url https://access.redhat.com/errata/RHSA-2020:2817
reference_id RHSA-2020:2817
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2817
7
reference_url https://access.redhat.com/errata/RHSA-2020:5495
reference_id RHSA-2020:5495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5495
8
reference_url https://access.redhat.com/errata/RHSA-2021:0778
reference_id RHSA-2021:0778
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0778
9
reference_url https://access.redhat.com/errata/RHSA-2021:0779
reference_id RHSA-2021:0779
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0779
10
reference_url https://usn.ubuntu.com/4235-1/
reference_id USN-4235-1
reference_type
scores
url https://usn.ubuntu.com/4235-1/
11
reference_url https://usn.ubuntu.com/4235-2/
reference_id USN-4235-2
reference_type
scores
url https://usn.ubuntu.com/4235-2/
fixed_packages
0
url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-2cu7-pyw5-t3dm
2
vulnerability VCID-3czf-dtzg-8kdm
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-d1c6-dt2p-9kaa
6
vulnerability VCID-eb23-pd25-yqg3
7
vulnerability VCID-fmvd-vyt7-mkfk
8
vulnerability VCID-hemy-pnpj-sfg3
9
vulnerability VCID-kpjx-rrjs-subs
10
vulnerability VCID-sxf9-qr1j-u3et
11
vulnerability VCID-y3tg-7fge-1yfy
12
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3
aliases CVE-2019-20372
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ysf-pvuu-47bs
3
url VCID-4mqa-bkha-kbaj
vulnerability_id VCID-4mqa-bkha-kbaj
summary security update
references
0
reference_url http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/
reference_id
reference_type
scores
url http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/
1
reference_url http://code.google.com/p/chromium/issues/detail?id=139744
reference_id
reference_type
scores
url http://code.google.com/p/chromium/issues/detail?id=139744
2
reference_url http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html
reference_id
reference_type
scores
url http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html
3
reference_url http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html
reference_id
reference_type
scores
url http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html
4
reference_url http://jvn.jp/en/jp/JVN65273415/index.html
reference_id
reference_type
scores
url http://jvn.jp/en/jp/JVN65273415/index.html
5
reference_url http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
6
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html
7
reference_url http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html
8
reference_url http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html
9
reference_url http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html
10
reference_url http://marc.info/?l=bugtraq&m=136612293908376&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=136612293908376&w=2
11
reference_url http://news.ycombinator.com/item?id=4510829
reference_id
reference_type
scores
url http://news.ycombinator.com/item?id=4510829
12
reference_url http://rhn.redhat.com/errata/RHSA-2013-0587.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2013-0587.html
13
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4929.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4929.json
14
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-4929
reference_id
reference_type
scores
0
value 0.13867
scoring_system epss
scoring_elements 0.94373
published_at 2026-05-14T12:55:00Z
1
value 0.13867
scoring_system epss
scoring_elements 0.94321
published_at 2026-04-26T12:55:00Z
2
value 0.13867
scoring_system epss
scoring_elements 0.9432
published_at 2026-04-29T12:55:00Z
3
value 0.13867
scoring_system epss
scoring_elements 0.94325
published_at 2026-05-05T12:55:00Z
4
value 0.13867
scoring_system epss
scoring_elements 0.94335
published_at 2026-05-07T12:55:00Z
5
value 0.13867
scoring_system epss
scoring_elements 0.94347
published_at 2026-05-09T12:55:00Z
6
value 0.13867
scoring_system epss
scoring_elements 0.94353
published_at 2026-05-11T12:55:00Z
7
value 0.13867
scoring_system epss
scoring_elements 0.94359
published_at 2026-05-12T12:55:00Z
8
value 0.13867
scoring_system epss
scoring_elements 0.94297
published_at 2026-04-12T12:55:00Z
9
value 0.13867
scoring_system epss
scoring_elements 0.94298
published_at 2026-04-13T12:55:00Z
10
value 0.13867
scoring_system epss
scoring_elements 0.94313
published_at 2026-04-16T12:55:00Z
11
value 0.13867
scoring_system epss
scoring_elements 0.94318
published_at 2026-04-21T12:55:00Z
12
value 0.13867
scoring_system epss
scoring_elements 0.94322
published_at 2026-04-24T12:55:00Z
13
value 0.15291
scoring_system epss
scoring_elements 0.94601
published_at 2026-04-07T12:55:00Z
14
value 0.15291
scoring_system epss
scoring_elements 0.94592
published_at 2026-04-02T12:55:00Z
15
value 0.15291
scoring_system epss
scoring_elements 0.94599
published_at 2026-04-04T12:55:00Z
16
value 0.15291
scoring_system epss
scoring_elements 0.94585
published_at 2026-04-01T12:55:00Z
17
value 0.15291
scoring_system epss
scoring_elements 0.94611
published_at 2026-04-08T12:55:00Z
18
value 0.15291
scoring_system epss
scoring_elements 0.94615
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-4929
15
reference_url https://chromiumcodereview.appspot.com/10825183
reference_id
reference_type
scores
url https://chromiumcodereview.appspot.com/10825183
16
reference_url https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls
reference_id
reference_type
scores
url https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
20
reference_url http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor
reference_id
reference_type
scores
url http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor
21
reference_url https://gist.github.com/3696912
reference_id
reference_type
scores
url https://gist.github.com/3696912
22
reference_url https://github.com/mpgn/CRIME-poc
reference_id
reference_type
scores
url https://github.com/mpgn/CRIME-poc
23
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920
24
reference_url https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212
reference_id
reference_type
scores
url https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212
25
reference_url http://support.apple.com/kb/HT5784
reference_id
reference_type
scores
url http://support.apple.com/kb/HT5784
26
reference_url http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312
reference_id
reference_type
scores
url http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312
27
reference_url http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512
reference_id
reference_type
scores
url http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512
28
reference_url http://www.debian.org/security/2012/dsa-2579
reference_id
reference_type
scores
url http://www.debian.org/security/2012/dsa-2579
29
reference_url http://www.debian.org/security/2013/dsa-2627
reference_id
reference_type
scores
url http://www.debian.org/security/2013/dsa-2627
30
reference_url http://www.debian.org/security/2015/dsa-3253
reference_id
reference_type
scores
url http://www.debian.org/security/2015/dsa-3253
31
reference_url http://www.ekoparty.org/2012/thai-duong.php
reference_id
reference_type
scores
url http://www.ekoparty.org/2012/thai-duong.php
32
reference_url http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091
reference_id
reference_type
scores
url http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091
33
reference_url http://www.securityfocus.com/bid/55704
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/55704
34
reference_url http://www.theregister.co.uk/2012/09/14/crime_tls_attack/
reference_id
reference_type
scores
url http://www.theregister.co.uk/2012/09/14/crime_tls_attack/
35
reference_url http://www.ubuntu.com/usn/USN-1627-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-1627-1
36
reference_url http://www.ubuntu.com/usn/USN-1628-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-1628-1
37
reference_url http://www.ubuntu.com/usn/USN-1898-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-1898-1
38
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689936
reference_id 689936
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689936
39
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700399
reference_id 700399
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700399
40
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700426
reference_id 700426
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700426
41
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727197
reference_id 727197
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727197
42
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728055
reference_id 728055
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728055
43
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=857051
reference_id 857051
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=857051
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-4929
reference_id CVE-2012-4929
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2012-4929
49
reference_url https://security.gentoo.org/glsa/201309-12
reference_id GLSA-201309-12
reference_type
scores
url https://security.gentoo.org/glsa/201309-12
50
reference_url https://access.redhat.com/errata/RHSA-2013:0587
reference_id RHSA-2013:0587
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0587
51
reference_url https://access.redhat.com/errata/RHSA-2013:0636
reference_id RHSA-2013:0636
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0636
52
reference_url https://access.redhat.com/errata/RHSA-2014:0416
reference_id RHSA-2014:0416
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0416
53
reference_url https://usn.ubuntu.com/1627-1/
reference_id USN-1627-1
reference_type
scores
url https://usn.ubuntu.com/1627-1/
54
reference_url https://usn.ubuntu.com/1628-1/
reference_id USN-1628-1
reference_type
scores
url https://usn.ubuntu.com/1628-1/
55
reference_url https://usn.ubuntu.com/1898-1/
reference_id USN-1898-1
reference_type
scores
url https://usn.ubuntu.com/1898-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
purl pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-asr7-uwpu-a7a5
6
vulnerability VCID-bana-j1wy-cfdy
7
vulnerability VCID-c4ta-jqmg-wfgf
8
vulnerability VCID-c9ym-ckeq-63dq
9
vulnerability VCID-cbn4-utmp-n7ba
10
vulnerability VCID-cjx4-a19z-xufq
11
vulnerability VCID-dmv4-ydq9-a7eq
12
vulnerability VCID-e49f-y1ky-5yb4
13
vulnerability VCID-eb23-pd25-yqg3
14
vulnerability VCID-fgaf-wqmd-gqf3
15
vulnerability VCID-jtgk-h6v6-2fgs
16
vulnerability VCID-kcsp-h1s5-wbea
17
vulnerability VCID-m1y8-m8z6-kyg9
18
vulnerability VCID-nckn-qkc8-t7ge
19
vulnerability VCID-p933-hxvk-37bk
20
vulnerability VCID-pmrf-dxst-p7a7
21
vulnerability VCID-qzcz-zvv6-dyda
22
vulnerability VCID-rsr7-p977-tycc
23
vulnerability VCID-u25m-v3f6-23dk
24
vulnerability VCID-u8aq-2qhu-gff5
25
vulnerability VCID-uqb5-ensa-8yht
26
vulnerability VCID-wc3j-5xmu-kyex
27
vulnerability VCID-x8ck-rceh-ukdw
28
vulnerability VCID-y3tg-7fge-1yfy
29
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.2.1-2.2%252Bwheezy4
aliases CVE-2012-4929
risk_score 1.1
exploitability 0.5
weighted_severity 2.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4mqa-bkha-kbaj
4
url VCID-64n7-ygvq-cfds
vulnerability_id VCID-64n7-ygvq-cfds
summary Excessive memory usage in HTTP/2
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16843.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16843.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-16843
reference_id
reference_type
scores
0
value 0.55541
scoring_system epss
scoring_elements 0.98063
published_at 2026-04-01T12:55:00Z
1
value 0.55541
scoring_system epss
scoring_elements 0.98103
published_at 2026-05-14T12:55:00Z
2
value 0.55541
scoring_system epss
scoring_elements 0.98098
published_at 2026-05-09T12:55:00Z
3
value 0.55541
scoring_system epss
scoring_elements 0.98099
published_at 2026-05-12T12:55:00Z
4
value 0.55541
scoring_system epss
scoring_elements 0.98067
published_at 2026-04-02T12:55:00Z
5
value 0.55541
scoring_system epss
scoring_elements 0.9807
published_at 2026-04-04T12:55:00Z
6
value 0.55541
scoring_system epss
scoring_elements 0.98071
published_at 2026-04-07T12:55:00Z
7
value 0.55541
scoring_system epss
scoring_elements 0.98075
published_at 2026-04-08T12:55:00Z
8
value 0.55541
scoring_system epss
scoring_elements 0.98076
published_at 2026-04-09T12:55:00Z
9
value 0.55541
scoring_system epss
scoring_elements 0.98081
published_at 2026-04-12T12:55:00Z
10
value 0.55541
scoring_system epss
scoring_elements 0.98082
published_at 2026-04-13T12:55:00Z
11
value 0.55541
scoring_system epss
scoring_elements 0.98087
published_at 2026-04-26T12:55:00Z
12
value 0.55541
scoring_system epss
scoring_elements 0.98088
published_at 2026-04-18T12:55:00Z
13
value 0.55541
scoring_system epss
scoring_elements 0.98084
published_at 2026-04-21T12:55:00Z
14
value 0.55541
scoring_system epss
scoring_elements 0.98085
published_at 2026-04-24T12:55:00Z
15
value 0.55541
scoring_system epss
scoring_elements 0.98089
published_at 2026-04-29T12:55:00Z
16
value 0.55541
scoring_system epss
scoring_elements 0.98096
published_at 2026-05-11T12:55:00Z
17
value 0.55541
scoring_system epss
scoring_elements 0.98094
published_at 2026-05-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-16843
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html
reference_id
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1644511
reference_id 1644511
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1644511
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090
reference_id 913090
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-16843
reference_id CVE-2018-16843
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-16843
10
reference_url https://access.redhat.com/errata/RHSA-2018:3653
reference_id RHSA-2018:3653
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3653
11
reference_url https://access.redhat.com/errata/RHSA-2018:3680
reference_id RHSA-2018:3680
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3680
12
reference_url https://access.redhat.com/errata/RHSA-2018:3681
reference_id RHSA-2018:3681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3681
13
reference_url https://usn.ubuntu.com/3812-1/
reference_id USN-3812-1
reference_type
scores
url https://usn.ubuntu.com/3812-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u4
1
url pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-9hzg-r1fj-pubf
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-c9ym-ckeq-63dq
6
vulnerability VCID-cbn4-utmp-n7ba
7
vulnerability VCID-dmv4-ydq9-a7eq
8
vulnerability VCID-eb23-pd25-yqg3
9
vulnerability VCID-kcsp-h1s5-wbea
10
vulnerability VCID-u8aq-2qhu-gff5
11
vulnerability VCID-wc3j-5xmu-kyex
12
vulnerability VCID-y3tg-7fge-1yfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4
aliases CVE-2018-16843
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-64n7-ygvq-cfds
5
url VCID-9hzg-r1fj-pubf
vulnerability_id VCID-9hzg-r1fj-pubf
summary Excessive CPU usage in HTTP/2 with priority changes
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9513.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9513.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9513
reference_id
reference_type
scores
0
value 0.06705
scoring_system epss
scoring_elements 0.91201
published_at 2026-04-01T12:55:00Z
1
value 0.06705
scoring_system epss
scoring_elements 0.91345
published_at 2026-05-14T12:55:00Z
2
value 0.06705
scoring_system epss
scoring_elements 0.91301
published_at 2026-05-05T12:55:00Z
3
value 0.06705
scoring_system epss
scoring_elements 0.91317
published_at 2026-05-07T12:55:00Z
4
value 0.06705
scoring_system epss
scoring_elements 0.91328
published_at 2026-05-09T12:55:00Z
5
value 0.06705
scoring_system epss
scoring_elements 0.91325
published_at 2026-05-11T12:55:00Z
6
value 0.06705
scoring_system epss
scoring_elements 0.91335
published_at 2026-05-12T12:55:00Z
7
value 0.06705
scoring_system epss
scoring_elements 0.91206
published_at 2026-04-02T12:55:00Z
8
value 0.06705
scoring_system epss
scoring_elements 0.91215
published_at 2026-04-04T12:55:00Z
9
value 0.06705
scoring_system epss
scoring_elements 0.91221
published_at 2026-04-07T12:55:00Z
10
value 0.06705
scoring_system epss
scoring_elements 0.91235
published_at 2026-04-08T12:55:00Z
11
value 0.06705
scoring_system epss
scoring_elements 0.91241
published_at 2026-04-09T12:55:00Z
12
value 0.06705
scoring_system epss
scoring_elements 0.91248
published_at 2026-04-11T12:55:00Z
13
value 0.06705
scoring_system epss
scoring_elements 0.91251
published_at 2026-04-12T12:55:00Z
14
value 0.06705
scoring_system epss
scoring_elements 0.9125
published_at 2026-04-13T12:55:00Z
15
value 0.06705
scoring_system epss
scoring_elements 0.91275
published_at 2026-04-16T12:55:00Z
16
value 0.06705
scoring_system epss
scoring_elements 0.91274
published_at 2026-04-18T12:55:00Z
17
value 0.06705
scoring_system epss
scoring_elements 0.91277
published_at 2026-04-21T12:55:00Z
18
value 0.06705
scoring_system epss
scoring_elements 0.91287
published_at 2026-04-26T12:55:00Z
19
value 0.06705
scoring_system epss
scoring_elements 0.91285
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9513
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html
reference_id
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1735741
reference_id 1735741
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1735741
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885
reference_id 934885
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037
reference_id 935037
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037
14
reference_url https://security.archlinux.org/ASA-201908-12
reference_id ASA-201908-12
reference_type
scores
url https://security.archlinux.org/ASA-201908-12
15
reference_url https://security.archlinux.org/ASA-201908-13
reference_id ASA-201908-13
reference_type
scores
url https://security.archlinux.org/ASA-201908-13
16
reference_url https://security.archlinux.org/ASA-201908-17
reference_id ASA-201908-17
reference_type
scores
url https://security.archlinux.org/ASA-201908-17
17
reference_url https://security.archlinux.org/AVG-1022
reference_id AVG-1022
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1022
18
reference_url https://security.archlinux.org/AVG-1023
reference_id AVG-1023
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1023
19
reference_url https://security.archlinux.org/AVG-1024
reference_id AVG-1024
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1024
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-9513
reference_id CVE-2019-9513
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-9513
21
reference_url https://access.redhat.com/errata/RHSA-2019:2692
reference_id RHSA-2019:2692
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2692
22
reference_url https://access.redhat.com/errata/RHSA-2019:2745
reference_id RHSA-2019:2745
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2745
23
reference_url https://access.redhat.com/errata/RHSA-2019:2746
reference_id RHSA-2019:2746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2746
24
reference_url https://access.redhat.com/errata/RHSA-2019:2775
reference_id RHSA-2019:2775
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2775
25
reference_url https://access.redhat.com/errata/RHSA-2019:2799
reference_id RHSA-2019:2799
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2799
26
reference_url https://access.redhat.com/errata/RHSA-2019:2946
reference_id RHSA-2019:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2946
27
reference_url https://access.redhat.com/errata/RHSA-2019:2949
reference_id RHSA-2019:2949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2949
28
reference_url https://access.redhat.com/errata/RHSA-2019:3041
reference_id RHSA-2019:3041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3041
29
reference_url https://access.redhat.com/errata/RHSA-2019:3932
reference_id RHSA-2019:3932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3932
30
reference_url https://access.redhat.com/errata/RHSA-2019:3933
reference_id RHSA-2019:3933
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3933
31
reference_url https://access.redhat.com/errata/RHSA-2019:3935
reference_id RHSA-2019:3935
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3935
32
reference_url https://access.redhat.com/errata/RHSA-2020:0983
reference_id RHSA-2020:0983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0983
33
reference_url https://usn.ubuntu.com/4099-1/
reference_id USN-4099-1
reference_type
scores
url https://usn.ubuntu.com/4099-1/
34
reference_url https://usn.ubuntu.com/6754-1/
reference_id USN-6754-1
reference_type
scores
url https://usn.ubuntu.com/6754-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u4
1
url pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-9hzg-r1fj-pubf
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-c9ym-ckeq-63dq
6
vulnerability VCID-cbn4-utmp-n7ba
7
vulnerability VCID-dmv4-ydq9-a7eq
8
vulnerability VCID-eb23-pd25-yqg3
9
vulnerability VCID-kcsp-h1s5-wbea
10
vulnerability VCID-u8aq-2qhu-gff5
11
vulnerability VCID-wc3j-5xmu-kyex
12
vulnerability VCID-y3tg-7fge-1yfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4
2
url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-2cu7-pyw5-t3dm
2
vulnerability VCID-3czf-dtzg-8kdm
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-d1c6-dt2p-9kaa
6
vulnerability VCID-eb23-pd25-yqg3
7
vulnerability VCID-fmvd-vyt7-mkfk
8
vulnerability VCID-hemy-pnpj-sfg3
9
vulnerability VCID-kpjx-rrjs-subs
10
vulnerability VCID-sxf9-qr1j-u3et
11
vulnerability VCID-y3tg-7fge-1yfy
12
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3
aliases CVE-2019-9513
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9hzg-r1fj-pubf
6
url VCID-asr7-uwpu-a7a5
vulnerability_id VCID-asr7-uwpu-a7a5
summary STARTTLS command injection
references
0
reference_url http://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html
reference_id
reference_type
scores
url http://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html
1
reference_url http://marc.info/?l=bugtraq&m=142103967620673&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=142103967620673&w=2
2
reference_url http://nginx.org/download/patch.2014.starttls.txt
reference_id
reference_type
scores
url http://nginx.org/download/patch.2014.starttls.txt
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3556.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3556.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3556
reference_id
reference_type
scores
0
value 0.48169
scoring_system epss
scoring_elements 0.97763
published_at 2026-05-14T12:55:00Z
1
value 0.48169
scoring_system epss
scoring_elements 0.97707
published_at 2026-04-01T12:55:00Z
2
value 0.48169
scoring_system epss
scoring_elements 0.97752
published_at 2026-05-11T12:55:00Z
3
value 0.48169
scoring_system epss
scoring_elements 0.97756
published_at 2026-05-12T12:55:00Z
4
value 0.48169
scoring_system epss
scoring_elements 0.97714
published_at 2026-04-02T12:55:00Z
5
value 0.48169
scoring_system epss
scoring_elements 0.97715
published_at 2026-04-04T12:55:00Z
6
value 0.48169
scoring_system epss
scoring_elements 0.97716
published_at 2026-04-07T12:55:00Z
7
value 0.48169
scoring_system epss
scoring_elements 0.9772
published_at 2026-04-08T12:55:00Z
8
value 0.48169
scoring_system epss
scoring_elements 0.97723
published_at 2026-04-09T12:55:00Z
9
value 0.48169
scoring_system epss
scoring_elements 0.97726
published_at 2026-04-11T12:55:00Z
10
value 0.48169
scoring_system epss
scoring_elements 0.97728
published_at 2026-04-12T12:55:00Z
11
value 0.48169
scoring_system epss
scoring_elements 0.9773
published_at 2026-04-13T12:55:00Z
12
value 0.48169
scoring_system epss
scoring_elements 0.97735
published_at 2026-04-16T12:55:00Z
13
value 0.48169
scoring_system epss
scoring_elements 0.97738
published_at 2026-04-26T12:55:00Z
14
value 0.48169
scoring_system epss
scoring_elements 0.97745
published_at 2026-04-29T12:55:00Z
15
value 0.48169
scoring_system epss
scoring_elements 0.97748
published_at 2026-05-05T12:55:00Z
16
value 0.48169
scoring_system epss
scoring_elements 0.9775
published_at 2026-05-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3556
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556
6
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html
7
reference_url https://nginx.org/download/patch.2014.starttls.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2014.starttls.txt
8
reference_url https://nginx.org/download/patch.2014.starttls.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2014.starttls.txt.asc
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1126891
reference_id 1126891
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1126891
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757196
reference_id 757196
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757196
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3556
reference_id CVE-2014-3556
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2014-3556
fixed_packages
0
url pkg:deb/debian/nginx@1.6.2-5
purl pkg:deb/debian/nginx@1.6.2-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-e49f-y1ky-5yb4
12
vulnerability VCID-eb23-pd25-yqg3
13
vulnerability VCID-fgaf-wqmd-gqf3
14
vulnerability VCID-jtgk-h6v6-2fgs
15
vulnerability VCID-kcsp-h1s5-wbea
16
vulnerability VCID-nckn-qkc8-t7ge
17
vulnerability VCID-p933-hxvk-37bk
18
vulnerability VCID-qzcz-zvv6-dyda
19
vulnerability VCID-rsr7-p977-tycc
20
vulnerability VCID-u8aq-2qhu-gff5
21
vulnerability VCID-uqb5-ensa-8yht
22
vulnerability VCID-wc3j-5xmu-kyex
23
vulnerability VCID-y3tg-7fge-1yfy
24
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5
aliases CVE-2014-3556
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-asr7-uwpu-a7a5
7
url VCID-bana-j1wy-cfdy
vulnerability_id VCID-bana-j1wy-cfdy
summary Excessive CPU usage in HTTP/2
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16844.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16844.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-16844
reference_id
reference_type
scores
0
value 0.10883
scoring_system epss
scoring_elements 0.93353
published_at 2026-04-01T12:55:00Z
1
value 0.10883
scoring_system epss
scoring_elements 0.93463
published_at 2026-05-14T12:55:00Z
2
value 0.10883
scoring_system epss
scoring_elements 0.93444
published_at 2026-05-11T12:55:00Z
3
value 0.10883
scoring_system epss
scoring_elements 0.9345
published_at 2026-05-12T12:55:00Z
4
value 0.10883
scoring_system epss
scoring_elements 0.93361
published_at 2026-04-02T12:55:00Z
5
value 0.10883
scoring_system epss
scoring_elements 0.93369
published_at 2026-04-07T12:55:00Z
6
value 0.10883
scoring_system epss
scoring_elements 0.93377
published_at 2026-04-08T12:55:00Z
7
value 0.10883
scoring_system epss
scoring_elements 0.93381
published_at 2026-04-09T12:55:00Z
8
value 0.10883
scoring_system epss
scoring_elements 0.93386
published_at 2026-04-11T12:55:00Z
9
value 0.10883
scoring_system epss
scoring_elements 0.93384
published_at 2026-04-12T12:55:00Z
10
value 0.10883
scoring_system epss
scoring_elements 0.93385
published_at 2026-04-13T12:55:00Z
11
value 0.10883
scoring_system epss
scoring_elements 0.93404
published_at 2026-04-16T12:55:00Z
12
value 0.10883
scoring_system epss
scoring_elements 0.93408
published_at 2026-04-18T12:55:00Z
13
value 0.10883
scoring_system epss
scoring_elements 0.93416
published_at 2026-04-26T12:55:00Z
14
value 0.10883
scoring_system epss
scoring_elements 0.93419
published_at 2026-04-24T12:55:00Z
15
value 0.10883
scoring_system epss
scoring_elements 0.93415
published_at 2026-04-29T12:55:00Z
16
value 0.10883
scoring_system epss
scoring_elements 0.93421
published_at 2026-05-05T12:55:00Z
17
value 0.10883
scoring_system epss
scoring_elements 0.93433
published_at 2026-05-07T12:55:00Z
18
value 0.10883
scoring_system epss
scoring_elements 0.93443
published_at 2026-05-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-16844
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html
reference_id
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1644510
reference_id 1644510
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1644510
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090
reference_id 913090
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-16844
reference_id CVE-2018-16844
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-16844
10
reference_url https://access.redhat.com/errata/RHSA-2018:3680
reference_id RHSA-2018:3680
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3680
11
reference_url https://access.redhat.com/errata/RHSA-2018:3681
reference_id RHSA-2018:3681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3681
12
reference_url https://usn.ubuntu.com/3812-1/
reference_id USN-3812-1
reference_type
scores
url https://usn.ubuntu.com/3812-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u4
1
url pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-9hzg-r1fj-pubf
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-c9ym-ckeq-63dq
6
vulnerability VCID-cbn4-utmp-n7ba
7
vulnerability VCID-dmv4-ydq9-a7eq
8
vulnerability VCID-eb23-pd25-yqg3
9
vulnerability VCID-kcsp-h1s5-wbea
10
vulnerability VCID-u8aq-2qhu-gff5
11
vulnerability VCID-wc3j-5xmu-kyex
12
vulnerability VCID-y3tg-7fge-1yfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4
aliases CVE-2018-16844
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bana-j1wy-cfdy
8
url VCID-c4ta-jqmg-wfgf
vulnerability_id VCID-c4ta-jqmg-wfgf
summary lua-nginx-module: HTTP request smuggling via a crafted HEAD request
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33452.json
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33452.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-33452
reference_id
reference_type
scores
0
value 0.00705
scoring_system epss
scoring_elements 0.72093
published_at 2026-04-13T12:55:00Z
1
value 0.00705
scoring_system epss
scoring_elements 0.72075
published_at 2026-04-04T12:55:00Z
2
value 0.00705
scoring_system epss
scoring_elements 0.72051
published_at 2026-04-07T12:55:00Z
3
value 0.00705
scoring_system epss
scoring_elements 0.72089
published_at 2026-04-08T12:55:00Z
4
value 0.00705
scoring_system epss
scoring_elements 0.721
published_at 2026-04-09T12:55:00Z
5
value 0.00705
scoring_system epss
scoring_elements 0.72123
published_at 2026-04-11T12:55:00Z
6
value 0.00705
scoring_system epss
scoring_elements 0.72108
published_at 2026-04-12T12:55:00Z
7
value 0.00705
scoring_system epss
scoring_elements 0.72134
published_at 2026-04-16T12:55:00Z
8
value 0.00705
scoring_system epss
scoring_elements 0.72142
published_at 2026-04-18T12:55:00Z
9
value 0.00705
scoring_system epss
scoring_elements 0.72128
published_at 2026-04-21T12:55:00Z
10
value 0.00705
scoring_system epss
scoring_elements 0.72171
published_at 2026-04-24T12:55:00Z
11
value 0.00705
scoring_system epss
scoring_elements 0.7218
published_at 2026-04-26T12:55:00Z
12
value 0.00705
scoring_system epss
scoring_elements 0.72055
published_at 2026-04-02T12:55:00Z
13
value 0.00926
scoring_system epss
scoring_elements 0.76125
published_at 2026-05-05T12:55:00Z
14
value 0.00926
scoring_system epss
scoring_elements 0.76116
published_at 2026-04-29T12:55:00Z
15
value 0.0129
scoring_system epss
scoring_elements 0.79801
published_at 2026-05-09T12:55:00Z
16
value 0.0129
scoring_system epss
scoring_elements 0.79797
published_at 2026-05-11T12:55:00Z
17
value 0.0129
scoring_system epss
scoring_elements 0.79812
published_at 2026-05-12T12:55:00Z
18
value 0.0129
scoring_system epss
scoring_elements 0.79785
published_at 2026-05-07T12:55:00Z
19
value 0.0129
scoring_system epss
scoring_elements 0.7985
published_at 2026-05-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-33452
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33452
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33452
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2361691
reference_id 2361691
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2361691
4
reference_url https://www.benasin.space/2025/03/18/OpenResty-lua-nginx-module-v0-10-26-HTTP-Request-Smuggling-in-HEAD-requests/
reference_id OpenResty-lua-nginx-module-v0-10-26-HTTP-Request-Smuggling-in-HEAD-requests
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T19:26:16Z/
url https://www.benasin.space/2025/03/18/OpenResty-lua-nginx-module-v0-10-26-HTTP-Request-Smuggling-in-HEAD-requests/
fixed_packages
0
url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3
purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2cu7-pyw5-t3dm
1
vulnerability VCID-3czf-dtzg-8kdm
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-fmvd-vyt7-mkfk
4
vulnerability VCID-kpjx-rrjs-subs
5
vulnerability VCID-sxf9-qr1j-u3et
6
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3
aliases CVE-2024-33452
risk_score 3.5
exploitability 0.5
weighted_severity 6.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c4ta-jqmg-wfgf
9
url VCID-c9ym-ckeq-63dq
vulnerability_id VCID-c9ym-ckeq-63dq
summary Memory corruption in the ngx_http_mp4_module
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41741.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41741.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41741
reference_id
reference_type
scores
0
value 0.00828
scoring_system epss
scoring_elements 0.74532
published_at 2026-04-16T12:55:00Z
1
value 0.00828
scoring_system epss
scoring_elements 0.74675
published_at 2026-05-14T12:55:00Z
2
value 0.00828
scoring_system epss
scoring_elements 0.74619
published_at 2026-05-12T12:55:00Z
3
value 0.00828
scoring_system epss
scoring_elements 0.74599
published_at 2026-05-11T12:55:00Z
4
value 0.00828
scoring_system epss
scoring_elements 0.74631
published_at 2026-05-09T12:55:00Z
5
value 0.00828
scoring_system epss
scoring_elements 0.74605
published_at 2026-05-07T12:55:00Z
6
value 0.00828
scoring_system epss
scoring_elements 0.74575
published_at 2026-05-05T12:55:00Z
7
value 0.00828
scoring_system epss
scoring_elements 0.74573
published_at 2026-04-29T12:55:00Z
8
value 0.00828
scoring_system epss
scoring_elements 0.74566
published_at 2026-04-24T12:55:00Z
9
value 0.00828
scoring_system epss
scoring_elements 0.74539
published_at 2026-04-18T12:55:00Z
10
value 0.00828
scoring_system epss
scoring_elements 0.74531
published_at 2026-04-21T12:55:00Z
11
value 0.00851
scoring_system epss
scoring_elements 0.74876
published_at 2026-04-04T12:55:00Z
12
value 0.00851
scoring_system epss
scoring_elements 0.74847
published_at 2026-04-02T12:55:00Z
13
value 0.00851
scoring_system epss
scoring_elements 0.74849
published_at 2026-04-07T12:55:00Z
14
value 0.00851
scoring_system epss
scoring_elements 0.74882
published_at 2026-04-08T12:55:00Z
15
value 0.00851
scoring_system epss
scoring_elements 0.74895
published_at 2026-04-09T12:55:00Z
16
value 0.00851
scoring_system epss
scoring_elements 0.74919
published_at 2026-04-11T12:55:00Z
17
value 0.00851
scoring_system epss
scoring_elements 0.74897
published_at 2026-04-12T12:55:00Z
18
value 0.00851
scoring_system epss
scoring_elements 0.74887
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41741
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41741
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41741
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41742
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html
6
reference_url https://nginx.org/download/patch.2022.mp4.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2022.mp4.txt
7
reference_url https://nginx.org/download/patch.2022.mp4.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2022.mp4.txt.asc
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2141495
reference_id 2141495
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2141495
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/
reference_id BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41741
reference_id CVE-2022-41741
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-41741
11
reference_url https://www.debian.org/security/2022/dsa-5281
reference_id dsa-5281
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/
url https://www.debian.org/security/2022/dsa-5281
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/
reference_id FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/
13
reference_url https://support.f5.com/csp/article/K81926432
reference_id K81926432
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/
url https://support.f5.com/csp/article/K81926432
14
reference_url https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html
reference_id msg00031.html
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/
url https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html
15
reference_url https://security.netapp.com/advisory/ntap-20230120-0005/
reference_id ntap-20230120-0005
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/
url https://security.netapp.com/advisory/ntap-20230120-0005/
16
reference_url https://access.redhat.com/errata/RHSA-2025:7402
reference_id RHSA-2025:7402
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7402
17
reference_url https://access.redhat.com/errata/RHSA-2025:7546
reference_id RHSA-2025:7546
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7546
18
reference_url https://access.redhat.com/errata/RHSA-2025:7619
reference_id RHSA-2025:7619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7619
19
reference_url https://usn.ubuntu.com/5722-1/
reference_id USN-5722-1
reference_type
scores
url https://usn.ubuntu.com/5722-1/
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/
reference_id WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/
fixed_packages
0
url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-2cu7-pyw5-t3dm
2
vulnerability VCID-3czf-dtzg-8kdm
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-d1c6-dt2p-9kaa
6
vulnerability VCID-eb23-pd25-yqg3
7
vulnerability VCID-fmvd-vyt7-mkfk
8
vulnerability VCID-hemy-pnpj-sfg3
9
vulnerability VCID-kpjx-rrjs-subs
10
vulnerability VCID-sxf9-qr1j-u3et
11
vulnerability VCID-y3tg-7fge-1yfy
12
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3
aliases CVE-2022-41741
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c9ym-ckeq-63dq
10
url VCID-cbn4-utmp-n7ba
vulnerability_id VCID-cbn4-utmp-n7ba
summary 1-byte memory overwrite in resolver
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23017.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23017.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-23017
reference_id
reference_type
scores
0
value 0.73166
scoring_system epss
scoring_elements 0.98815
published_at 2026-05-14T12:55:00Z
1
value 0.73166
scoring_system epss
scoring_elements 0.98794
published_at 2026-04-18T12:55:00Z
2
value 0.73166
scoring_system epss
scoring_elements 0.98805
published_at 2026-05-05T12:55:00Z
3
value 0.73166
scoring_system epss
scoring_elements 0.98806
published_at 2026-05-07T12:55:00Z
4
value 0.73166
scoring_system epss
scoring_elements 0.98809
published_at 2026-05-09T12:55:00Z
5
value 0.73166
scoring_system epss
scoring_elements 0.98811
published_at 2026-05-11T12:55:00Z
6
value 0.73166
scoring_system epss
scoring_elements 0.98812
published_at 2026-05-12T12:55:00Z
7
value 0.73544
scoring_system epss
scoring_elements 0.98801
published_at 2026-04-09T12:55:00Z
8
value 0.73544
scoring_system epss
scoring_elements 0.98805
published_at 2026-04-13T12:55:00Z
9
value 0.73544
scoring_system epss
scoring_elements 0.98817
published_at 2026-04-29T12:55:00Z
10
value 0.73544
scoring_system epss
scoring_elements 0.98794
published_at 2026-04-02T12:55:00Z
11
value 0.73544
scoring_system epss
scoring_elements 0.98797
published_at 2026-04-04T12:55:00Z
12
value 0.73544
scoring_system epss
scoring_elements 0.98804
published_at 2026-04-12T12:55:00Z
13
value 0.73544
scoring_system epss
scoring_elements 0.98813
published_at 2026-04-21T12:55:00Z
14
value 0.73544
scoring_system epss
scoring_elements 0.98816
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-23017
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23017
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23017
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html
5
reference_url https://nginx.org/download/patch.2021.resolver.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2021.resolver.txt
6
reference_url https://nginx.org/download/patch.2021.resolver.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2021.resolver.txt.asc
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1963121
reference_id 1963121
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1963121
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989095
reference_id 989095
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989095
9
reference_url https://security.archlinux.org/ASA-202106-36
reference_id ASA-202106-36
reference_type
scores
url https://security.archlinux.org/ASA-202106-36
10
reference_url https://security.archlinux.org/ASA-202106-48
reference_id ASA-202106-48
reference_type
scores
url https://security.archlinux.org/ASA-202106-48
11
reference_url https://security.archlinux.org/AVG-1987
reference_id AVG-1987
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1987
12
reference_url https://security.archlinux.org/AVG-1988
reference_id AVG-1988
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1988
13
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/50973.py
reference_id CVE-2021-23017
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/50973.py
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-23017
reference_id CVE-2021-23017
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-23017
15
reference_url https://security.gentoo.org/glsa/202105-38
reference_id GLSA-202105-38
reference_type
scores
url https://security.gentoo.org/glsa/202105-38
16
reference_url https://access.redhat.com/errata/RHSA-2021:2258
reference_id RHSA-2021:2258
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2258
17
reference_url https://access.redhat.com/errata/RHSA-2021:2259
reference_id RHSA-2021:2259
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2259
18
reference_url https://access.redhat.com/errata/RHSA-2021:2278
reference_id RHSA-2021:2278
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2278
19
reference_url https://access.redhat.com/errata/RHSA-2021:2290
reference_id RHSA-2021:2290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2290
20
reference_url https://access.redhat.com/errata/RHSA-2021:3653
reference_id RHSA-2021:3653
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3653
21
reference_url https://access.redhat.com/errata/RHSA-2021:3851
reference_id RHSA-2021:3851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3851
22
reference_url https://access.redhat.com/errata/RHSA-2021:3925
reference_id RHSA-2021:3925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3925
23
reference_url https://access.redhat.com/errata/RHSA-2022:0323
reference_id RHSA-2022:0323
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0323
24
reference_url https://usn.ubuntu.com/4967-1/
reference_id USN-4967-1
reference_type
scores
url https://usn.ubuntu.com/4967-1/
25
reference_url https://usn.ubuntu.com/4967-2/
reference_id USN-4967-2
reference_type
scores
url https://usn.ubuntu.com/4967-2/
fixed_packages
0
url pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-9hzg-r1fj-pubf
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-c9ym-ckeq-63dq
6
vulnerability VCID-cbn4-utmp-n7ba
7
vulnerability VCID-dmv4-ydq9-a7eq
8
vulnerability VCID-eb23-pd25-yqg3
9
vulnerability VCID-kcsp-h1s5-wbea
10
vulnerability VCID-u8aq-2qhu-gff5
11
vulnerability VCID-wc3j-5xmu-kyex
12
vulnerability VCID-y3tg-7fge-1yfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4
1
url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-2cu7-pyw5-t3dm
2
vulnerability VCID-3czf-dtzg-8kdm
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-d1c6-dt2p-9kaa
6
vulnerability VCID-eb23-pd25-yqg3
7
vulnerability VCID-fmvd-vyt7-mkfk
8
vulnerability VCID-hemy-pnpj-sfg3
9
vulnerability VCID-kpjx-rrjs-subs
10
vulnerability VCID-sxf9-qr1j-u3et
11
vulnerability VCID-y3tg-7fge-1yfy
12
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3
aliases CVE-2021-23017
risk_score 10.0
exploitability 2.0
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cbn4-utmp-n7ba
11
url VCID-cjx4-a19z-xufq
vulnerability_id VCID-cjx4-a19z-xufq
summary Integer overflow in the range filter
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7529.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7529.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7529
reference_id
reference_type
scores
0
value 0.91909
scoring_system epss
scoring_elements 0.99689
published_at 2026-04-02T12:55:00Z
1
value 0.91909
scoring_system epss
scoring_elements 0.99705
published_at 2026-05-14T12:55:00Z
2
value 0.91909
scoring_system epss
scoring_elements 0.99692
published_at 2026-04-09T12:55:00Z
3
value 0.91909
scoring_system epss
scoring_elements 0.99693
published_at 2026-04-11T12:55:00Z
4
value 0.91909
scoring_system epss
scoring_elements 0.99694
published_at 2026-04-12T12:55:00Z
5
value 0.91909
scoring_system epss
scoring_elements 0.99699
published_at 2026-04-29T12:55:00Z
6
value 0.91909
scoring_system epss
scoring_elements 0.99701
published_at 2026-05-07T12:55:00Z
7
value 0.91909
scoring_system epss
scoring_elements 0.99702
published_at 2026-05-11T12:55:00Z
8
value 0.91909
scoring_system epss
scoring_elements 0.99703
published_at 2026-05-12T12:55:00Z
9
value 0.91909
scoring_system epss
scoring_elements 0.9969
published_at 2026-04-04T12:55:00Z
10
value 0.91909
scoring_system epss
scoring_elements 0.99691
published_at 2026-04-07T12:55:00Z
11
value 0.91959
scoring_system epss
scoring_elements 0.99701
published_at 2026-04-21T12:55:00Z
12
value 0.92868
scoring_system epss
scoring_elements 0.99768
published_at 2026-04-13T12:55:00Z
13
value 0.92868
scoring_system epss
scoring_elements 0.99769
published_at 2026-04-16T12:55:00Z
14
value 0.92868
scoring_system epss
scoring_elements 0.9977
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7529
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7529
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7529
3
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html
4
reference_url https://nginx.org/download/patch.2017.ranges.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2017.ranges.txt
5
reference_url https://nginx.org/download/patch.2017.ranges.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2017.ranges.txt.asc
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1468584
reference_id 1468584
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1468584
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868109
reference_id 868109
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868109
8
reference_url https://security.archlinux.org/ASA-201707-11
reference_id ASA-201707-11
reference_type
scores
url https://security.archlinux.org/ASA-201707-11
9
reference_url https://security.archlinux.org/ASA-201707-12
reference_id ASA-201707-12
reference_type
scores
url https://security.archlinux.org/ASA-201707-12
10
reference_url https://security.archlinux.org/AVG-345
reference_id AVG-345
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-345
11
reference_url https://security.archlinux.org/AVG-346
reference_id AVG-346
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-346
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7529
reference_id CVE-2017-7529
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2017-7529
13
reference_url https://access.redhat.com/errata/RHSA-2017:2538
reference_id RHSA-2017:2538
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2538
14
reference_url https://usn.ubuntu.com/3352-1/
reference_id USN-3352-1
reference_type
scores
url https://usn.ubuntu.com/3352-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u5
purl pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-e49f-y1ky-5yb4
12
vulnerability VCID-eb23-pd25-yqg3
13
vulnerability VCID-fgaf-wqmd-gqf3
14
vulnerability VCID-jtgk-h6v6-2fgs
15
vulnerability VCID-kcsp-h1s5-wbea
16
vulnerability VCID-nckn-qkc8-t7ge
17
vulnerability VCID-p933-hxvk-37bk
18
vulnerability VCID-qzcz-zvv6-dyda
19
vulnerability VCID-rsr7-p977-tycc
20
vulnerability VCID-u8aq-2qhu-gff5
21
vulnerability VCID-wc3j-5xmu-kyex
22
vulnerability VCID-y3tg-7fge-1yfy
23
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5%252Bdeb8u5
1
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u4
2
url pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-9hzg-r1fj-pubf
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-c9ym-ckeq-63dq
6
vulnerability VCID-cbn4-utmp-n7ba
7
vulnerability VCID-dmv4-ydq9-a7eq
8
vulnerability VCID-eb23-pd25-yqg3
9
vulnerability VCID-kcsp-h1s5-wbea
10
vulnerability VCID-u8aq-2qhu-gff5
11
vulnerability VCID-wc3j-5xmu-kyex
12
vulnerability VCID-y3tg-7fge-1yfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4
aliases CVE-2017-7529
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cjx4-a19z-xufq
12
url VCID-dmv4-ydq9-a7eq
vulnerability_id VCID-dmv4-ydq9-a7eq
summary Excessive CPU usage in HTTP/2 with small window updates
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9511.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9511.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9511
reference_id
reference_type
scores
0
value 0.13948
scoring_system epss
scoring_elements 0.94283
published_at 2026-04-01T12:55:00Z
1
value 0.13948
scoring_system epss
scoring_elements 0.94397
published_at 2026-05-14T12:55:00Z
2
value 0.13948
scoring_system epss
scoring_elements 0.9435
published_at 2026-05-05T12:55:00Z
3
value 0.13948
scoring_system epss
scoring_elements 0.94359
published_at 2026-05-07T12:55:00Z
4
value 0.13948
scoring_system epss
scoring_elements 0.94371
published_at 2026-05-09T12:55:00Z
5
value 0.13948
scoring_system epss
scoring_elements 0.94378
published_at 2026-05-11T12:55:00Z
6
value 0.13948
scoring_system epss
scoring_elements 0.94384
published_at 2026-05-12T12:55:00Z
7
value 0.13948
scoring_system epss
scoring_elements 0.94292
published_at 2026-04-02T12:55:00Z
8
value 0.13948
scoring_system epss
scoring_elements 0.94302
published_at 2026-04-04T12:55:00Z
9
value 0.13948
scoring_system epss
scoring_elements 0.94304
published_at 2026-04-07T12:55:00Z
10
value 0.13948
scoring_system epss
scoring_elements 0.94313
published_at 2026-04-08T12:55:00Z
11
value 0.13948
scoring_system epss
scoring_elements 0.94318
published_at 2026-04-09T12:55:00Z
12
value 0.13948
scoring_system epss
scoring_elements 0.94322
published_at 2026-04-12T12:55:00Z
13
value 0.13948
scoring_system epss
scoring_elements 0.94324
published_at 2026-04-13T12:55:00Z
14
value 0.13948
scoring_system epss
scoring_elements 0.94339
published_at 2026-04-16T12:55:00Z
15
value 0.13948
scoring_system epss
scoring_elements 0.94344
published_at 2026-04-21T12:55:00Z
16
value 0.13948
scoring_system epss
scoring_elements 0.94347
published_at 2026-04-26T12:55:00Z
17
value 0.13948
scoring_system epss
scoring_elements 0.94345
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9511
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1741860
reference_id 1741860
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1741860
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885
reference_id 934885
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037
reference_id 935037
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037
14
reference_url https://security.archlinux.org/ASA-201908-12
reference_id ASA-201908-12
reference_type
scores
url https://security.archlinux.org/ASA-201908-12
15
reference_url https://security.archlinux.org/ASA-201908-13
reference_id ASA-201908-13
reference_type
scores
url https://security.archlinux.org/ASA-201908-13
16
reference_url https://security.archlinux.org/ASA-201908-17
reference_id ASA-201908-17
reference_type
scores
url https://security.archlinux.org/ASA-201908-17
17
reference_url https://security.archlinux.org/AVG-1022
reference_id AVG-1022
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1022
18
reference_url https://security.archlinux.org/AVG-1023
reference_id AVG-1023
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1023
19
reference_url https://security.archlinux.org/AVG-1024
reference_id AVG-1024
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1024
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-9511
reference_id CVE-2019-9511
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-9511
21
reference_url https://access.redhat.com/errata/RHSA-2019:2692
reference_id RHSA-2019:2692
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2692
22
reference_url https://access.redhat.com/errata/RHSA-2019:2745
reference_id RHSA-2019:2745
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2745
23
reference_url https://access.redhat.com/errata/RHSA-2019:2746
reference_id RHSA-2019:2746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2746
24
reference_url https://access.redhat.com/errata/RHSA-2019:2775
reference_id RHSA-2019:2775
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2775
25
reference_url https://access.redhat.com/errata/RHSA-2019:2799
reference_id RHSA-2019:2799
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2799
26
reference_url https://access.redhat.com/errata/RHSA-2019:2946
reference_id RHSA-2019:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2946
27
reference_url https://access.redhat.com/errata/RHSA-2019:2949
reference_id RHSA-2019:2949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2949
28
reference_url https://access.redhat.com/errata/RHSA-2019:3041
reference_id RHSA-2019:3041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3041
29
reference_url https://access.redhat.com/errata/RHSA-2019:3932
reference_id RHSA-2019:3932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3932
30
reference_url https://access.redhat.com/errata/RHSA-2019:3933
reference_id RHSA-2019:3933
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3933
31
reference_url https://access.redhat.com/errata/RHSA-2019:3935
reference_id RHSA-2019:3935
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3935
32
reference_url https://access.redhat.com/errata/RHSA-2020:0922
reference_id RHSA-2020:0922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0922
33
reference_url https://access.redhat.com/errata/RHSA-2020:1445
reference_id RHSA-2020:1445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1445
34
reference_url https://access.redhat.com/errata/RHSA-2020:2067
reference_id RHSA-2020:2067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2067
35
reference_url https://access.redhat.com/errata/RHSA-2020:2565
reference_id RHSA-2020:2565
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2565
36
reference_url https://access.redhat.com/errata/RHSA-2020:3192
reference_id RHSA-2020:3192
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3192
37
reference_url https://access.redhat.com/errata/RHSA-2024:5856
reference_id RHSA-2024:5856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5856
38
reference_url https://usn.ubuntu.com/4099-1/
reference_id USN-4099-1
reference_type
scores
url https://usn.ubuntu.com/4099-1/
39
reference_url https://usn.ubuntu.com/6754-1/
reference_id USN-6754-1
reference_type
scores
url https://usn.ubuntu.com/6754-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u4
1
url pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-9hzg-r1fj-pubf
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-c9ym-ckeq-63dq
6
vulnerability VCID-cbn4-utmp-n7ba
7
vulnerability VCID-dmv4-ydq9-a7eq
8
vulnerability VCID-eb23-pd25-yqg3
9
vulnerability VCID-kcsp-h1s5-wbea
10
vulnerability VCID-u8aq-2qhu-gff5
11
vulnerability VCID-wc3j-5xmu-kyex
12
vulnerability VCID-y3tg-7fge-1yfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4
2
url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-2cu7-pyw5-t3dm
2
vulnerability VCID-3czf-dtzg-8kdm
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-d1c6-dt2p-9kaa
6
vulnerability VCID-eb23-pd25-yqg3
7
vulnerability VCID-fmvd-vyt7-mkfk
8
vulnerability VCID-hemy-pnpj-sfg3
9
vulnerability VCID-kpjx-rrjs-subs
10
vulnerability VCID-sxf9-qr1j-u3et
11
vulnerability VCID-y3tg-7fge-1yfy
12
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3
aliases CVE-2019-9511
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dmv4-ydq9-a7eq
13
url VCID-e49f-y1ky-5yb4
vulnerability_id VCID-e49f-y1ky-5yb4
summary Insufficient limits of CNAME resolution in resolver
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
1
reference_url http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
reference_id
reference_type
scores
url http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0747.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0747.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0747
reference_id
reference_type
scores
0
value 0.20023
scoring_system epss
scoring_elements 0.955
published_at 2026-05-05T12:55:00Z
1
value 0.20023
scoring_system epss
scoring_elements 0.9549
published_at 2026-04-29T12:55:00Z
2
value 0.20443
scoring_system epss
scoring_elements 0.95588
published_at 2026-05-09T12:55:00Z
3
value 0.20443
scoring_system epss
scoring_elements 0.95594
published_at 2026-05-11T12:55:00Z
4
value 0.20443
scoring_system epss
scoring_elements 0.95581
published_at 2026-05-07T12:55:00Z
5
value 0.20443
scoring_system epss
scoring_elements 0.95598
published_at 2026-05-12T12:55:00Z
6
value 0.20443
scoring_system epss
scoring_elements 0.95612
published_at 2026-05-14T12:55:00Z
7
value 0.33182
scoring_system epss
scoring_elements 0.96901
published_at 2026-04-11T12:55:00Z
8
value 0.33182
scoring_system epss
scoring_elements 0.96903
published_at 2026-04-12T12:55:00Z
9
value 0.33182
scoring_system epss
scoring_elements 0.96911
published_at 2026-04-16T12:55:00Z
10
value 0.33182
scoring_system epss
scoring_elements 0.96915
published_at 2026-04-18T12:55:00Z
11
value 0.33182
scoring_system epss
scoring_elements 0.96918
published_at 2026-04-21T12:55:00Z
12
value 0.33182
scoring_system epss
scoring_elements 0.96919
published_at 2026-04-24T12:55:00Z
13
value 0.33182
scoring_system epss
scoring_elements 0.96921
published_at 2026-04-26T12:55:00Z
14
value 0.33182
scoring_system epss
scoring_elements 0.96904
published_at 2026-04-13T12:55:00Z
15
value 0.33182
scoring_system epss
scoring_elements 0.96872
published_at 2026-04-01T12:55:00Z
16
value 0.33182
scoring_system epss
scoring_elements 0.9688
published_at 2026-04-02T12:55:00Z
17
value 0.33182
scoring_system epss
scoring_elements 0.96884
published_at 2026-04-04T12:55:00Z
18
value 0.33182
scoring_system epss
scoring_elements 0.96889
published_at 2026-04-07T12:55:00Z
19
value 0.33182
scoring_system epss
scoring_elements 0.96897
published_at 2026-04-08T12:55:00Z
20
value 0.33182
scoring_system epss
scoring_elements 0.96899
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0747
4
reference_url https://bto.bluecoat.com/security-advisory/sa115
reference_id
reference_type
scores
url https://bto.bluecoat.com/security-advisory/sa115
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
8
reference_url http://seclists.org/fulldisclosure/2021/Sep/36
reference_id
reference_type
scores
url http://seclists.org/fulldisclosure/2021/Sep/36
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html
11
reference_url https://support.apple.com/kb/HT212818
reference_id
reference_type
scores
url https://support.apple.com/kb/HT212818
12
reference_url http://www.debian.org/security/2016/dsa-3473
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3473
13
reference_url http://www.securitytracker.com/id/1034869
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1034869
14
reference_url http://www.ubuntu.com/usn/USN-2892-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2892-1
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1302589
reference_id 1302589
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1302589
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806
reference_id 812806
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0747
reference_id CVE-2016-0747
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://nvd.nist.gov/vuln/detail/CVE-2016-0747
26
reference_url https://security.gentoo.org/glsa/201606-06
reference_id GLSA-201606-06
reference_type
scores
url https://security.gentoo.org/glsa/201606-06
27
reference_url https://access.redhat.com/errata/RHSA-2016:1425
reference_id RHSA-2016:1425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1425
28
reference_url https://usn.ubuntu.com/2892-1/
reference_id USN-2892-1
reference_type
scores
url https://usn.ubuntu.com/2892-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
purl pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-asr7-uwpu-a7a5
6
vulnerability VCID-bana-j1wy-cfdy
7
vulnerability VCID-c4ta-jqmg-wfgf
8
vulnerability VCID-c9ym-ckeq-63dq
9
vulnerability VCID-cbn4-utmp-n7ba
10
vulnerability VCID-cjx4-a19z-xufq
11
vulnerability VCID-dmv4-ydq9-a7eq
12
vulnerability VCID-e49f-y1ky-5yb4
13
vulnerability VCID-eb23-pd25-yqg3
14
vulnerability VCID-fgaf-wqmd-gqf3
15
vulnerability VCID-jtgk-h6v6-2fgs
16
vulnerability VCID-kcsp-h1s5-wbea
17
vulnerability VCID-m1y8-m8z6-kyg9
18
vulnerability VCID-nckn-qkc8-t7ge
19
vulnerability VCID-p933-hxvk-37bk
20
vulnerability VCID-pmrf-dxst-p7a7
21
vulnerability VCID-qzcz-zvv6-dyda
22
vulnerability VCID-rsr7-p977-tycc
23
vulnerability VCID-u25m-v3f6-23dk
24
vulnerability VCID-u8aq-2qhu-gff5
25
vulnerability VCID-uqb5-ensa-8yht
26
vulnerability VCID-wc3j-5xmu-kyex
27
vulnerability VCID-x8ck-rceh-ukdw
28
vulnerability VCID-y3tg-7fge-1yfy
29
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.2.1-2.2%252Bwheezy4
1
url pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u2~bpo70%2B1
purl pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u2~bpo70%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-e49f-y1ky-5yb4
12
vulnerability VCID-eb23-pd25-yqg3
13
vulnerability VCID-fgaf-wqmd-gqf3
14
vulnerability VCID-jtgk-h6v6-2fgs
15
vulnerability VCID-kcsp-h1s5-wbea
16
vulnerability VCID-nckn-qkc8-t7ge
17
vulnerability VCID-p933-hxvk-37bk
18
vulnerability VCID-qzcz-zvv6-dyda
19
vulnerability VCID-rsr7-p977-tycc
20
vulnerability VCID-u8aq-2qhu-gff5
21
vulnerability VCID-uqb5-ensa-8yht
22
vulnerability VCID-wc3j-5xmu-kyex
23
vulnerability VCID-y3tg-7fge-1yfy
24
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5%252Bdeb8u2~bpo70%252B1
2
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u1~bpo8%252B2
aliases CVE-2016-0747
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e49f-y1ky-5yb4
14
url VCID-eb23-pd25-yqg3
vulnerability_id VCID-eb23-pd25-yqg3
summary Buffer overread in the ngx_http_mp4_module
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7347.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7347.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-7347
reference_id
reference_type
scores
0
value 0.00197
scoring_system epss
scoring_elements 0.41622
published_at 2026-04-02T12:55:00Z
1
value 0.00197
scoring_system epss
scoring_elements 0.41307
published_at 2026-05-07T12:55:00Z
2
value 0.00197
scoring_system epss
scoring_elements 0.4166
published_at 2026-04-16T12:55:00Z
3
value 0.00197
scoring_system epss
scoring_elements 0.41634
published_at 2026-04-18T12:55:00Z
4
value 0.00197
scoring_system epss
scoring_elements 0.41331
published_at 2026-05-14T12:55:00Z
5
value 0.00197
scoring_system epss
scoring_elements 0.41257
published_at 2026-05-12T12:55:00Z
6
value 0.00197
scoring_system epss
scoring_elements 0.4123
published_at 2026-05-11T12:55:00Z
7
value 0.00197
scoring_system epss
scoring_elements 0.41324
published_at 2026-05-09T12:55:00Z
8
value 0.00197
scoring_system epss
scoring_elements 0.41236
published_at 2026-05-05T12:55:00Z
9
value 0.00202
scoring_system epss
scoring_elements 0.42109
published_at 2026-04-29T12:55:00Z
10
value 0.00202
scoring_system epss
scoring_elements 0.42313
published_at 2026-04-13T12:55:00Z
11
value 0.00202
scoring_system epss
scoring_elements 0.42358
published_at 2026-04-04T12:55:00Z
12
value 0.00202
scoring_system epss
scoring_elements 0.423
published_at 2026-04-07T12:55:00Z
13
value 0.00202
scoring_system epss
scoring_elements 0.42348
published_at 2026-04-08T12:55:00Z
14
value 0.00202
scoring_system epss
scoring_elements 0.42355
published_at 2026-04-09T12:55:00Z
15
value 0.00202
scoring_system epss
scoring_elements 0.42377
published_at 2026-04-11T12:55:00Z
16
value 0.00202
scoring_system epss
scoring_elements 0.42341
published_at 2026-04-12T12:55:00Z
17
value 0.00202
scoring_system epss
scoring_elements 0.42264
published_at 2026-04-21T12:55:00Z
18
value 0.00202
scoring_system epss
scoring_elements 0.42197
published_at 2026-04-24T12:55:00Z
19
value 0.00202
scoring_system epss
scoring_elements 0.42192
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-7347
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7347
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7347
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2024/UUOCLLONPR6244YQYU65PO5LB7JDYCWM.html
reference_id
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2024/UUOCLLONPR6244YQYU65PO5LB7JDYCWM.html
5
reference_url https://nginx.org/download/patch.2024.mp4.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2024.mp4.txt
6
reference_url https://nginx.org/download/patch.2024.mp4.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2024.mp4.txt.asc
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078971
reference_id 1078971
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078971
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2304966
reference_id 2304966
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2304966
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-7347
reference_id CVE-2024-7347
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2024-7347
10
reference_url https://security.gentoo.org/glsa/202409-32
reference_id GLSA-202409-32
reference_type
scores
url https://security.gentoo.org/glsa/202409-32
11
reference_url https://my.f5.com/manage/s/article/K000140529
reference_id K000140529
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-14T15:27:31Z/
url https://my.f5.com/manage/s/article/K000140529
12
reference_url https://access.redhat.com/errata/RHSA-2025:3261
reference_id RHSA-2025:3261
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3261
13
reference_url https://access.redhat.com/errata/RHSA-2025:3262
reference_id RHSA-2025:3262
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3262
14
reference_url https://access.redhat.com/errata/RHSA-2025:7402
reference_id RHSA-2025:7402
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7402
15
reference_url https://access.redhat.com/errata/RHSA-2025:7542
reference_id RHSA-2025:7542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7542
16
reference_url https://access.redhat.com/errata/RHSA-2025:7546
reference_id RHSA-2025:7546
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7546
17
reference_url https://access.redhat.com/errata/RHSA-2025:7548
reference_id RHSA-2025:7548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7548
18
reference_url https://access.redhat.com/errata/RHSA-2025:7549
reference_id RHSA-2025:7549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7549
19
reference_url https://access.redhat.com/errata/RHSA-2025:7619
reference_id RHSA-2025:7619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7619
20
reference_url https://usn.ubuntu.com/7014-1/
reference_id USN-7014-1
reference_type
scores
url https://usn.ubuntu.com/7014-1/
21
reference_url https://usn.ubuntu.com/7014-2/
reference_id USN-7014-2
reference_type
scores
url https://usn.ubuntu.com/7014-2/
22
reference_url https://usn.ubuntu.com/7014-3/
reference_id USN-7014-3
reference_type
scores
url https://usn.ubuntu.com/7014-3/
fixed_packages
0
url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3
purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2cu7-pyw5-t3dm
1
vulnerability VCID-3czf-dtzg-8kdm
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-fmvd-vyt7-mkfk
4
vulnerability VCID-kpjx-rrjs-subs
5
vulnerability VCID-sxf9-qr1j-u3et
6
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3
aliases CVE-2024-7347
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eb23-pd25-yqg3
15
url VCID-fgaf-wqmd-gqf3
vulnerability_id VCID-fgaf-wqmd-gqf3
summary nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM)
references
0
reference_url https://access.redhat.com/security/cve/cve-2011-4968
reference_id
reference_type
scores
url https://access.redhat.com/security/cve/cve-2011-4968
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4968
reference_id
reference_type
scores
0
value 0.00391
scoring_system epss
scoring_elements 0.60229
published_at 2026-05-14T12:55:00Z
1
value 0.00391
scoring_system epss
scoring_elements 0.60167
published_at 2026-05-12T12:55:00Z
2
value 0.00391
scoring_system epss
scoring_elements 0.59987
published_at 2026-04-01T12:55:00Z
3
value 0.00391
scoring_system epss
scoring_elements 0.60065
published_at 2026-04-02T12:55:00Z
4
value 0.00391
scoring_system epss
scoring_elements 0.60089
published_at 2026-04-04T12:55:00Z
5
value 0.00391
scoring_system epss
scoring_elements 0.60059
published_at 2026-04-07T12:55:00Z
6
value 0.00391
scoring_system epss
scoring_elements 0.6011
published_at 2026-04-08T12:55:00Z
7
value 0.00391
scoring_system epss
scoring_elements 0.60123
published_at 2026-04-09T12:55:00Z
8
value 0.00391
scoring_system epss
scoring_elements 0.60145
published_at 2026-04-11T12:55:00Z
9
value 0.00391
scoring_system epss
scoring_elements 0.6013
published_at 2026-04-12T12:55:00Z
10
value 0.00391
scoring_system epss
scoring_elements 0.60112
published_at 2026-04-13T12:55:00Z
11
value 0.00391
scoring_system epss
scoring_elements 0.60151
published_at 2026-04-16T12:55:00Z
12
value 0.00391
scoring_system epss
scoring_elements 0.60157
published_at 2026-04-18T12:55:00Z
13
value 0.00391
scoring_system epss
scoring_elements 0.60143
published_at 2026-04-21T12:55:00Z
14
value 0.00391
scoring_system epss
scoring_elements 0.60113
published_at 2026-04-24T12:55:00Z
15
value 0.00391
scoring_system epss
scoring_elements 0.60129
published_at 2026-04-26T12:55:00Z
16
value 0.00391
scoring_system epss
scoring_elements 0.60117
published_at 2026-04-29T12:55:00Z
17
value 0.00391
scoring_system epss
scoring_elements 0.60077
published_at 2026-05-05T12:55:00Z
18
value 0.00391
scoring_system epss
scoring_elements 0.60124
published_at 2026-05-07T12:55:00Z
19
value 0.00391
scoring_system epss
scoring_elements 0.60182
published_at 2026-05-09T12:55:00Z
20
value 0.00391
scoring_system epss
scoring_elements 0.6014
published_at 2026-05-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4968
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4968
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4968
3
reference_url https://bugzilla.suse.com/show_bug.cgi?id=CVE-2011-4968
reference_id
reference_type
scores
url https://bugzilla.suse.com/show_bug.cgi?id=CVE-2011-4968
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4968
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4968
5
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/80952
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/80952
6
reference_url https://security-tracker.debian.org/tracker/CVE-2011-4968
reference_id
reference_type
scores
url https://security-tracker.debian.org/tracker/CVE-2011-4968
7
reference_url http://www.openwall.com/lists/oss-security/2013/01/03/8
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2013/01/03/8
8
reference_url http://www.securityfocus.com/bid/57139
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/57139
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697940
reference_id 697940
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697940
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.61:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:0.7.61:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.61:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.62:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:0.7.62:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.62:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.64:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:0.7.64:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.64:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.65:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:0.7.65:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.65:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.66:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:0.7.66:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.66:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:0.8.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.33:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.35:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:0.8.35:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.35:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.36:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:0.8.36:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.36:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.40:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:0.8.40:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.40:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:1.2.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:1.2.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:1.2.6:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-4968
reference_id CVE-2011-4968
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
1
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2011-4968
fixed_packages
0
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u1~bpo8%252B2
aliases CVE-2011-4968
risk_score 2.6
exploitability 0.5
weighted_severity 5.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fgaf-wqmd-gqf3
16
url VCID-jtgk-h6v6-2fgs
vulnerability_id VCID-jtgk-h6v6-2fgs
summary Use-after-free during CNAME response processing in resolver
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
1
reference_url http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
reference_id
reference_type
scores
url http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0746.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0746.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0746
reference_id
reference_type
scores
0
value 0.06343
scoring_system epss
scoring_elements 0.91037
published_at 2026-05-05T12:55:00Z
1
value 0.06505
scoring_system epss
scoring_elements 0.91178
published_at 2026-05-11T12:55:00Z
2
value 0.06505
scoring_system epss
scoring_elements 0.91199
published_at 2026-05-14T12:55:00Z
3
value 0.06505
scoring_system epss
scoring_elements 0.91187
published_at 2026-05-12T12:55:00Z
4
value 0.06505
scoring_system epss
scoring_elements 0.91179
published_at 2026-05-09T12:55:00Z
5
value 0.06505
scoring_system epss
scoring_elements 0.91168
published_at 2026-05-07T12:55:00Z
6
value 0.08154
scoring_system epss
scoring_elements 0.92195
published_at 2026-04-29T12:55:00Z
7
value 0.14006
scoring_system epss
scoring_elements 0.94335
published_at 2026-04-12T12:55:00Z
8
value 0.14006
scoring_system epss
scoring_elements 0.94336
published_at 2026-04-13T12:55:00Z
9
value 0.14006
scoring_system epss
scoring_elements 0.94357
published_at 2026-04-18T12:55:00Z
10
value 0.14006
scoring_system epss
scoring_elements 0.94356
published_at 2026-04-21T12:55:00Z
11
value 0.14006
scoring_system epss
scoring_elements 0.94359
published_at 2026-04-24T12:55:00Z
12
value 0.14006
scoring_system epss
scoring_elements 0.94358
published_at 2026-04-26T12:55:00Z
13
value 0.14006
scoring_system epss
scoring_elements 0.94351
published_at 2026-04-16T12:55:00Z
14
value 0.14006
scoring_system epss
scoring_elements 0.94296
published_at 2026-04-01T12:55:00Z
15
value 0.14006
scoring_system epss
scoring_elements 0.94305
published_at 2026-04-02T12:55:00Z
16
value 0.14006
scoring_system epss
scoring_elements 0.94316
published_at 2026-04-04T12:55:00Z
17
value 0.14006
scoring_system epss
scoring_elements 0.94317
published_at 2026-04-07T12:55:00Z
18
value 0.14006
scoring_system epss
scoring_elements 0.94326
published_at 2026-04-08T12:55:00Z
19
value 0.14006
scoring_system epss
scoring_elements 0.94331
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0746
4
reference_url https://bto.bluecoat.com/security-advisory/sa115
reference_id
reference_type
scores
url https://bto.bluecoat.com/security-advisory/sa115
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
8
reference_url http://seclists.org/fulldisclosure/2021/Sep/36
reference_id
reference_type
scores
url http://seclists.org/fulldisclosure/2021/Sep/36
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html
11
reference_url https://support.apple.com/kb/HT212818
reference_id
reference_type
scores
url https://support.apple.com/kb/HT212818
12
reference_url http://www.debian.org/security/2016/dsa-3473
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3473
13
reference_url http://www.securitytracker.com/id/1034869
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1034869
14
reference_url http://www.ubuntu.com/usn/USN-2892-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2892-1
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1302588
reference_id 1302588
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1302588
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806
reference_id 812806
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0746
reference_id CVE-2016-0746
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-0746
26
reference_url https://security.gentoo.org/glsa/201606-06
reference_id GLSA-201606-06
reference_type
scores
url https://security.gentoo.org/glsa/201606-06
27
reference_url https://access.redhat.com/errata/RHSA-2016:1425
reference_id RHSA-2016:1425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1425
28
reference_url https://usn.ubuntu.com/2892-1/
reference_id USN-2892-1
reference_type
scores
url https://usn.ubuntu.com/2892-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
purl pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-asr7-uwpu-a7a5
6
vulnerability VCID-bana-j1wy-cfdy
7
vulnerability VCID-c4ta-jqmg-wfgf
8
vulnerability VCID-c9ym-ckeq-63dq
9
vulnerability VCID-cbn4-utmp-n7ba
10
vulnerability VCID-cjx4-a19z-xufq
11
vulnerability VCID-dmv4-ydq9-a7eq
12
vulnerability VCID-e49f-y1ky-5yb4
13
vulnerability VCID-eb23-pd25-yqg3
14
vulnerability VCID-fgaf-wqmd-gqf3
15
vulnerability VCID-jtgk-h6v6-2fgs
16
vulnerability VCID-kcsp-h1s5-wbea
17
vulnerability VCID-m1y8-m8z6-kyg9
18
vulnerability VCID-nckn-qkc8-t7ge
19
vulnerability VCID-p933-hxvk-37bk
20
vulnerability VCID-pmrf-dxst-p7a7
21
vulnerability VCID-qzcz-zvv6-dyda
22
vulnerability VCID-rsr7-p977-tycc
23
vulnerability VCID-u25m-v3f6-23dk
24
vulnerability VCID-u8aq-2qhu-gff5
25
vulnerability VCID-uqb5-ensa-8yht
26
vulnerability VCID-wc3j-5xmu-kyex
27
vulnerability VCID-x8ck-rceh-ukdw
28
vulnerability VCID-y3tg-7fge-1yfy
29
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.2.1-2.2%252Bwheezy4
1
url pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u2~bpo70%2B1
purl pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u2~bpo70%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-e49f-y1ky-5yb4
12
vulnerability VCID-eb23-pd25-yqg3
13
vulnerability VCID-fgaf-wqmd-gqf3
14
vulnerability VCID-jtgk-h6v6-2fgs
15
vulnerability VCID-kcsp-h1s5-wbea
16
vulnerability VCID-nckn-qkc8-t7ge
17
vulnerability VCID-p933-hxvk-37bk
18
vulnerability VCID-qzcz-zvv6-dyda
19
vulnerability VCID-rsr7-p977-tycc
20
vulnerability VCID-u8aq-2qhu-gff5
21
vulnerability VCID-uqb5-ensa-8yht
22
vulnerability VCID-wc3j-5xmu-kyex
23
vulnerability VCID-y3tg-7fge-1yfy
24
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5%252Bdeb8u2~bpo70%252B1
2
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u1~bpo8%252B2
aliases CVE-2016-0746
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jtgk-h6v6-2fgs
17
url VCID-kcsp-h1s5-wbea
vulnerability_id VCID-kcsp-h1s5-wbea
summary Excessive memory usage in HTTP/2 with zero length headers
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9516.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9516.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9516
reference_id
reference_type
scores
0
value 0.02173
scoring_system epss
scoring_elements 0.8426
published_at 2026-04-01T12:55:00Z
1
value 0.02173
scoring_system epss
scoring_elements 0.845
published_at 2026-05-14T12:55:00Z
2
value 0.02173
scoring_system epss
scoring_elements 0.84436
published_at 2026-05-07T12:55:00Z
3
value 0.02173
scoring_system epss
scoring_elements 0.84452
published_at 2026-05-09T12:55:00Z
4
value 0.02173
scoring_system epss
scoring_elements 0.84451
published_at 2026-05-11T12:55:00Z
5
value 0.02173
scoring_system epss
scoring_elements 0.84469
published_at 2026-05-12T12:55:00Z
6
value 0.02173
scoring_system epss
scoring_elements 0.84272
published_at 2026-04-02T12:55:00Z
7
value 0.02173
scoring_system epss
scoring_elements 0.84291
published_at 2026-04-04T12:55:00Z
8
value 0.02173
scoring_system epss
scoring_elements 0.84292
published_at 2026-04-07T12:55:00Z
9
value 0.02173
scoring_system epss
scoring_elements 0.84314
published_at 2026-04-08T12:55:00Z
10
value 0.02173
scoring_system epss
scoring_elements 0.84319
published_at 2026-04-09T12:55:00Z
11
value 0.02173
scoring_system epss
scoring_elements 0.84337
published_at 2026-04-11T12:55:00Z
12
value 0.02173
scoring_system epss
scoring_elements 0.8433
published_at 2026-04-12T12:55:00Z
13
value 0.02173
scoring_system epss
scoring_elements 0.84326
published_at 2026-04-13T12:55:00Z
14
value 0.02173
scoring_system epss
scoring_elements 0.84348
published_at 2026-04-16T12:55:00Z
15
value 0.02173
scoring_system epss
scoring_elements 0.84349
published_at 2026-04-18T12:55:00Z
16
value 0.02173
scoring_system epss
scoring_elements 0.84352
published_at 2026-04-21T12:55:00Z
17
value 0.02173
scoring_system epss
scoring_elements 0.84378
published_at 2026-04-24T12:55:00Z
18
value 0.02173
scoring_system epss
scoring_elements 0.84387
published_at 2026-04-26T12:55:00Z
19
value 0.02173
scoring_system epss
scoring_elements 0.84392
published_at 2026-04-29T12:55:00Z
20
value 0.02173
scoring_system epss
scoring_elements 0.84411
published_at 2026-05-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9516
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html
reference_id
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1741864
reference_id 1741864
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1741864
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037
reference_id 935037
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037
9
reference_url https://security.archlinux.org/ASA-201908-12
reference_id ASA-201908-12
reference_type
scores
url https://security.archlinux.org/ASA-201908-12
10
reference_url https://security.archlinux.org/ASA-201908-13
reference_id ASA-201908-13
reference_type
scores
url https://security.archlinux.org/ASA-201908-13
11
reference_url https://security.archlinux.org/AVG-1022
reference_id AVG-1022
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1022
12
reference_url https://security.archlinux.org/AVG-1023
reference_id AVG-1023
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1023
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-9516
reference_id CVE-2019-9516
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-9516
14
reference_url https://access.redhat.com/errata/RHSA-2019:2745
reference_id RHSA-2019:2745
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2745
15
reference_url https://access.redhat.com/errata/RHSA-2019:2746
reference_id RHSA-2019:2746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2746
16
reference_url https://access.redhat.com/errata/RHSA-2019:2775
reference_id RHSA-2019:2775
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2775
17
reference_url https://access.redhat.com/errata/RHSA-2019:2799
reference_id RHSA-2019:2799
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2799
18
reference_url https://access.redhat.com/errata/RHSA-2019:2946
reference_id RHSA-2019:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2946
19
reference_url https://access.redhat.com/errata/RHSA-2019:2950
reference_id RHSA-2019:2950
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2950
20
reference_url https://access.redhat.com/errata/RHSA-2019:3932
reference_id RHSA-2019:3932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3932
21
reference_url https://access.redhat.com/errata/RHSA-2019:3933
reference_id RHSA-2019:3933
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3933
22
reference_url https://access.redhat.com/errata/RHSA-2019:3935
reference_id RHSA-2019:3935
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3935
23
reference_url https://access.redhat.com/errata/RHSA-2020:0922
reference_id RHSA-2020:0922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0922
24
reference_url https://access.redhat.com/errata/RHSA-2020:0983
reference_id RHSA-2020:0983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0983
25
reference_url https://access.redhat.com/errata/RHSA-2020:1445
reference_id RHSA-2020:1445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1445
26
reference_url https://usn.ubuntu.com/4099-1/
reference_id USN-4099-1
reference_type
scores
url https://usn.ubuntu.com/4099-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u4
1
url pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-9hzg-r1fj-pubf
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-c9ym-ckeq-63dq
6
vulnerability VCID-cbn4-utmp-n7ba
7
vulnerability VCID-dmv4-ydq9-a7eq
8
vulnerability VCID-eb23-pd25-yqg3
9
vulnerability VCID-kcsp-h1s5-wbea
10
vulnerability VCID-u8aq-2qhu-gff5
11
vulnerability VCID-wc3j-5xmu-kyex
12
vulnerability VCID-y3tg-7fge-1yfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4
2
url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-2cu7-pyw5-t3dm
2
vulnerability VCID-3czf-dtzg-8kdm
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-d1c6-dt2p-9kaa
6
vulnerability VCID-eb23-pd25-yqg3
7
vulnerability VCID-fmvd-vyt7-mkfk
8
vulnerability VCID-hemy-pnpj-sfg3
9
vulnerability VCID-kpjx-rrjs-subs
10
vulnerability VCID-sxf9-qr1j-u3et
11
vulnerability VCID-y3tg-7fge-1yfy
12
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3
aliases CVE-2019-9516
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kcsp-h1s5-wbea
18
url VCID-ktxc-d5t4-bkhg
vulnerability_id VCID-ktxc-d5t4-bkhg
summary Buffer overflow in resolver
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4315
reference_id
reference_type
scores
0
value 0.02811
scoring_system epss
scoring_elements 0.8607
published_at 2026-04-01T12:55:00Z
1
value 0.02811
scoring_system epss
scoring_elements 0.8608
published_at 2026-04-02T12:55:00Z
2
value 0.02811
scoring_system epss
scoring_elements 0.86096
published_at 2026-04-07T12:55:00Z
3
value 0.02811
scoring_system epss
scoring_elements 0.86114
published_at 2026-04-08T12:55:00Z
4
value 0.02811
scoring_system epss
scoring_elements 0.86126
published_at 2026-04-09T12:55:00Z
5
value 0.02811
scoring_system epss
scoring_elements 0.8614
published_at 2026-04-11T12:55:00Z
6
value 0.02811
scoring_system epss
scoring_elements 0.86139
published_at 2026-04-12T12:55:00Z
7
value 0.02811
scoring_system epss
scoring_elements 0.86135
published_at 2026-04-13T12:55:00Z
8
value 0.02811
scoring_system epss
scoring_elements 0.86153
published_at 2026-04-16T12:55:00Z
9
value 0.02811
scoring_system epss
scoring_elements 0.86158
published_at 2026-04-18T12:55:00Z
10
value 0.02811
scoring_system epss
scoring_elements 0.86149
published_at 2026-04-21T12:55:00Z
11
value 0.02811
scoring_system epss
scoring_elements 0.8617
published_at 2026-04-24T12:55:00Z
12
value 0.02811
scoring_system epss
scoring_elements 0.8618
published_at 2026-04-29T12:55:00Z
13
value 0.02811
scoring_system epss
scoring_elements 0.86199
published_at 2026-05-05T12:55:00Z
14
value 0.02811
scoring_system epss
scoring_elements 0.86221
published_at 2026-05-07T12:55:00Z
15
value 0.02811
scoring_system epss
scoring_elements 0.86239
published_at 2026-05-09T12:55:00Z
16
value 0.02811
scoring_system epss
scoring_elements 0.86235
published_at 2026-05-11T12:55:00Z
17
value 0.02811
scoring_system epss
scoring_elements 0.86249
published_at 2026-05-12T12:55:00Z
18
value 0.02811
scoring_system epss
scoring_elements 0.86287
published_at 2026-05-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4315
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4315
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4315
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-4315
reference_id CVE-2011-4315
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2011-4315
3
reference_url https://security.gentoo.org/glsa/201203-22
reference_id GLSA-201203-22
reference_type
scores
url https://security.gentoo.org/glsa/201203-22
fixed_packages
0
url pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
purl pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-asr7-uwpu-a7a5
6
vulnerability VCID-bana-j1wy-cfdy
7
vulnerability VCID-c4ta-jqmg-wfgf
8
vulnerability VCID-c9ym-ckeq-63dq
9
vulnerability VCID-cbn4-utmp-n7ba
10
vulnerability VCID-cjx4-a19z-xufq
11
vulnerability VCID-dmv4-ydq9-a7eq
12
vulnerability VCID-e49f-y1ky-5yb4
13
vulnerability VCID-eb23-pd25-yqg3
14
vulnerability VCID-fgaf-wqmd-gqf3
15
vulnerability VCID-jtgk-h6v6-2fgs
16
vulnerability VCID-kcsp-h1s5-wbea
17
vulnerability VCID-m1y8-m8z6-kyg9
18
vulnerability VCID-nckn-qkc8-t7ge
19
vulnerability VCID-p933-hxvk-37bk
20
vulnerability VCID-pmrf-dxst-p7a7
21
vulnerability VCID-qzcz-zvv6-dyda
22
vulnerability VCID-rsr7-p977-tycc
23
vulnerability VCID-u25m-v3f6-23dk
24
vulnerability VCID-u8aq-2qhu-gff5
25
vulnerability VCID-uqb5-ensa-8yht
26
vulnerability VCID-wc3j-5xmu-kyex
27
vulnerability VCID-x8ck-rceh-ukdw
28
vulnerability VCID-y3tg-7fge-1yfy
29
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.2.1-2.2%252Bwheezy4
aliases CVE-2011-4315
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ktxc-d5t4-bkhg
19
url VCID-m1y8-m8z6-kyg9
vulnerability_id VCID-m1y8-m8z6-kyg9
summary SPDY heap buffer overflow
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0133.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0133.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0133
reference_id
reference_type
scores
0
value 0.18581
scoring_system epss
scoring_elements 0.95303
published_at 2026-05-09T12:55:00Z
1
value 0.18581
scoring_system epss
scoring_elements 0.95309
published_at 2026-05-11T12:55:00Z
2
value 0.18581
scoring_system epss
scoring_elements 0.95315
published_at 2026-05-12T12:55:00Z
3
value 0.18581
scoring_system epss
scoring_elements 0.95328
published_at 2026-05-14T12:55:00Z
4
value 0.20913
scoring_system epss
scoring_elements 0.95621
published_at 2026-04-08T12:55:00Z
5
value 0.20913
scoring_system epss
scoring_elements 0.95624
published_at 2026-04-09T12:55:00Z
6
value 0.20913
scoring_system epss
scoring_elements 0.95629
published_at 2026-04-12T12:55:00Z
7
value 0.20913
scoring_system epss
scoring_elements 0.95631
published_at 2026-04-13T12:55:00Z
8
value 0.20913
scoring_system epss
scoring_elements 0.95639
published_at 2026-04-16T12:55:00Z
9
value 0.20913
scoring_system epss
scoring_elements 0.95596
published_at 2026-04-01T12:55:00Z
10
value 0.20913
scoring_system epss
scoring_elements 0.95643
published_at 2026-04-21T12:55:00Z
11
value 0.20913
scoring_system epss
scoring_elements 0.95645
published_at 2026-04-29T12:55:00Z
12
value 0.20913
scoring_system epss
scoring_elements 0.95647
published_at 2026-04-26T12:55:00Z
13
value 0.20913
scoring_system epss
scoring_elements 0.9566
published_at 2026-05-05T12:55:00Z
14
value 0.20913
scoring_system epss
scoring_elements 0.95663
published_at 2026-05-07T12:55:00Z
15
value 0.20913
scoring_system epss
scoring_elements 0.95644
published_at 2026-04-18T12:55:00Z
16
value 0.20913
scoring_system epss
scoring_elements 0.95605
published_at 2026-04-02T12:55:00Z
17
value 0.20913
scoring_system epss
scoring_elements 0.9561
published_at 2026-04-04T12:55:00Z
18
value 0.20913
scoring_system epss
scoring_elements 0.95612
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0133
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0133
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0133
3
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html
reference_id
reference_type
scores
url https://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html
4
reference_url https://nginx.org/download/patch.2014.spdy2.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2014.spdy2.txt
5
reference_url https://nginx.org/download/patch.2014.spdy2.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2014.spdy2.txt.asc
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1077988
reference_id 1077988
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1077988
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742059
reference_id 742059
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742059
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0133
reference_id CVE-2014-0133
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2014-0133
9
reference_url https://security.gentoo.org/glsa/201406-20
reference_id GLSA-201406-20
reference_type
scores
url https://security.gentoo.org/glsa/201406-20
fixed_packages
0
url pkg:deb/debian/nginx@1.6.2-5
purl pkg:deb/debian/nginx@1.6.2-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-e49f-y1ky-5yb4
12
vulnerability VCID-eb23-pd25-yqg3
13
vulnerability VCID-fgaf-wqmd-gqf3
14
vulnerability VCID-jtgk-h6v6-2fgs
15
vulnerability VCID-kcsp-h1s5-wbea
16
vulnerability VCID-nckn-qkc8-t7ge
17
vulnerability VCID-p933-hxvk-37bk
18
vulnerability VCID-qzcz-zvv6-dyda
19
vulnerability VCID-rsr7-p977-tycc
20
vulnerability VCID-u8aq-2qhu-gff5
21
vulnerability VCID-uqb5-ensa-8yht
22
vulnerability VCID-wc3j-5xmu-kyex
23
vulnerability VCID-y3tg-7fge-1yfy
24
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5
aliases CVE-2014-0133
risk_score 0.1
exploitability 0.5
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m1y8-m8z6-kyg9
20
url VCID-m393-anc8-dfgf
vulnerability_id VCID-m393-anc8-dfgf
summary Buffer overflow in the ngx_http_mp4_module
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-2089
reference_id
reference_type
scores
0
value 0.05317
scoring_system epss
scoring_elements 0.89995
published_at 2026-04-01T12:55:00Z
1
value 0.05317
scoring_system epss
scoring_elements 0.89998
published_at 2026-04-02T12:55:00Z
2
value 0.05317
scoring_system epss
scoring_elements 0.9001
published_at 2026-04-04T12:55:00Z
3
value 0.05317
scoring_system epss
scoring_elements 0.90015
published_at 2026-04-07T12:55:00Z
4
value 0.05317
scoring_system epss
scoring_elements 0.90031
published_at 2026-04-08T12:55:00Z
5
value 0.05317
scoring_system epss
scoring_elements 0.90037
published_at 2026-04-09T12:55:00Z
6
value 0.05317
scoring_system epss
scoring_elements 0.90045
published_at 2026-04-11T12:55:00Z
7
value 0.05317
scoring_system epss
scoring_elements 0.90044
published_at 2026-04-12T12:55:00Z
8
value 0.05317
scoring_system epss
scoring_elements 0.90038
published_at 2026-04-13T12:55:00Z
9
value 0.05317
scoring_system epss
scoring_elements 0.90054
published_at 2026-04-18T12:55:00Z
10
value 0.05317
scoring_system epss
scoring_elements 0.90052
published_at 2026-04-21T12:55:00Z
11
value 0.05317
scoring_system epss
scoring_elements 0.9007
published_at 2026-04-26T12:55:00Z
12
value 0.05317
scoring_system epss
scoring_elements 0.90069
published_at 2026-04-29T12:55:00Z
13
value 0.05317
scoring_system epss
scoring_elements 0.9008
published_at 2026-05-05T12:55:00Z
14
value 0.05317
scoring_system epss
scoring_elements 0.90095
published_at 2026-05-07T12:55:00Z
15
value 0.05317
scoring_system epss
scoring_elements 0.90107
published_at 2026-05-09T12:55:00Z
16
value 0.05317
scoring_system epss
scoring_elements 0.90103
published_at 2026-05-11T12:55:00Z
17
value 0.05317
scoring_system epss
scoring_elements 0.90112
published_at 2026-05-12T12:55:00Z
18
value 0.05317
scoring_system epss
scoring_elements 0.90126
published_at 2026-05-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-2089
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2089
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2089
2
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2012/000080.html
reference_id
reference_type
scores
url https://mailman.nginx.org/pipermail/nginx-announce/2012/000080.html
3
reference_url https://nginx.org/download/patch.2012.mp4.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2012.mp4.txt
4
reference_url https://nginx.org/download/patch.2012.mp4.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2012.mp4.txt.asc
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-2089
reference_id CVE-2012-2089
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2012-2089
6
reference_url https://security.gentoo.org/glsa/201206-07
reference_id GLSA-201206-07
reference_type
scores
url https://security.gentoo.org/glsa/201206-07
fixed_packages
0
url pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
purl pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-asr7-uwpu-a7a5
6
vulnerability VCID-bana-j1wy-cfdy
7
vulnerability VCID-c4ta-jqmg-wfgf
8
vulnerability VCID-c9ym-ckeq-63dq
9
vulnerability VCID-cbn4-utmp-n7ba
10
vulnerability VCID-cjx4-a19z-xufq
11
vulnerability VCID-dmv4-ydq9-a7eq
12
vulnerability VCID-e49f-y1ky-5yb4
13
vulnerability VCID-eb23-pd25-yqg3
14
vulnerability VCID-fgaf-wqmd-gqf3
15
vulnerability VCID-jtgk-h6v6-2fgs
16
vulnerability VCID-kcsp-h1s5-wbea
17
vulnerability VCID-m1y8-m8z6-kyg9
18
vulnerability VCID-nckn-qkc8-t7ge
19
vulnerability VCID-p933-hxvk-37bk
20
vulnerability VCID-pmrf-dxst-p7a7
21
vulnerability VCID-qzcz-zvv6-dyda
22
vulnerability VCID-rsr7-p977-tycc
23
vulnerability VCID-u25m-v3f6-23dk
24
vulnerability VCID-u8aq-2qhu-gff5
25
vulnerability VCID-uqb5-ensa-8yht
26
vulnerability VCID-wc3j-5xmu-kyex
27
vulnerability VCID-x8ck-rceh-ukdw
28
vulnerability VCID-y3tg-7fge-1yfy
29
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.2.1-2.2%252Bwheezy4
aliases CVE-2012-2089
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m393-anc8-dfgf
21
url VCID-nckn-qkc8-t7ge
vulnerability_id VCID-nckn-qkc8-t7ge
summary Memory disclosure in the ngx_http_mp4_module
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16845.json
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16845.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-16845
reference_id
reference_type
scores
0
value 0.06332
scoring_system epss
scoring_elements 0.90931
published_at 2026-04-01T12:55:00Z
1
value 0.06332
scoring_system epss
scoring_elements 0.91075
published_at 2026-05-14T12:55:00Z
2
value 0.06332
scoring_system epss
scoring_elements 0.91056
published_at 2026-05-11T12:55:00Z
3
value 0.06332
scoring_system epss
scoring_elements 0.91064
published_at 2026-05-12T12:55:00Z
4
value 0.06332
scoring_system epss
scoring_elements 0.90936
published_at 2026-04-02T12:55:00Z
5
value 0.06332
scoring_system epss
scoring_elements 0.90945
published_at 2026-04-04T12:55:00Z
6
value 0.06332
scoring_system epss
scoring_elements 0.90956
published_at 2026-04-07T12:55:00Z
7
value 0.06332
scoring_system epss
scoring_elements 0.90966
published_at 2026-04-08T12:55:00Z
8
value 0.06332
scoring_system epss
scoring_elements 0.90972
published_at 2026-04-09T12:55:00Z
9
value 0.06332
scoring_system epss
scoring_elements 0.90981
published_at 2026-04-13T12:55:00Z
10
value 0.06332
scoring_system epss
scoring_elements 0.90982
published_at 2026-04-12T12:55:00Z
11
value 0.06332
scoring_system epss
scoring_elements 0.91006
published_at 2026-04-21T12:55:00Z
12
value 0.06332
scoring_system epss
scoring_elements 0.91004
published_at 2026-04-18T12:55:00Z
13
value 0.06332
scoring_system epss
scoring_elements 0.91019
published_at 2026-04-24T12:55:00Z
14
value 0.06332
scoring_system epss
scoring_elements 0.91018
published_at 2026-04-26T12:55:00Z
15
value 0.06332
scoring_system epss
scoring_elements 0.91014
published_at 2026-04-29T12:55:00Z
16
value 0.06332
scoring_system epss
scoring_elements 0.91029
published_at 2026-05-05T12:55:00Z
17
value 0.06332
scoring_system epss
scoring_elements 0.91043
published_at 2026-05-07T12:55:00Z
18
value 0.06332
scoring_system epss
scoring_elements 0.91057
published_at 2026-05-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-16845
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html
7
reference_url https://nginx.org/download/patch.2018.mp4.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2018.mp4.txt
8
reference_url https://nginx.org/download/patch.2018.mp4.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2018.mp4.txt.asc
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1644508
reference_id 1644508
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1644508
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090
reference_id 913090
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-16845
reference_id CVE-2018-16845
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-16845
12
reference_url https://access.redhat.com/errata/RHSA-2018:3652
reference_id RHSA-2018:3652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3652
13
reference_url https://access.redhat.com/errata/RHSA-2018:3653
reference_id RHSA-2018:3653
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3653
14
reference_url https://access.redhat.com/errata/RHSA-2018:3680
reference_id RHSA-2018:3680
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3680
15
reference_url https://access.redhat.com/errata/RHSA-2018:3681
reference_id RHSA-2018:3681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3681
16
reference_url https://usn.ubuntu.com/3812-1/
reference_id USN-3812-1
reference_type
scores
url https://usn.ubuntu.com/3812-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u4
1
url pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-9hzg-r1fj-pubf
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-c9ym-ckeq-63dq
6
vulnerability VCID-cbn4-utmp-n7ba
7
vulnerability VCID-dmv4-ydq9-a7eq
8
vulnerability VCID-eb23-pd25-yqg3
9
vulnerability VCID-kcsp-h1s5-wbea
10
vulnerability VCID-u8aq-2qhu-gff5
11
vulnerability VCID-wc3j-5xmu-kyex
12
vulnerability VCID-y3tg-7fge-1yfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4
aliases CVE-2018-16845
risk_score 3.7
exploitability 0.5
weighted_severity 7.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nckn-qkc8-t7ge
22
url VCID-p933-hxvk-37bk
vulnerability_id VCID-p933-hxvk-37bk
summary 
Gentoo's NGINX ebuilds are vulnerable to privilege escalation due
    to the way log files are handled.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1247.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1247.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1247
reference_id
reference_type
scores
0
value 0.0983
scoring_system epss
scoring_elements 0.92947
published_at 2026-04-01T12:55:00Z
1
value 0.0983
scoring_system epss
scoring_elements 0.92976
published_at 2026-04-13T12:55:00Z
2
value 0.0983
scoring_system epss
scoring_elements 0.92975
published_at 2026-04-12T12:55:00Z
3
value 0.0983
scoring_system epss
scoring_elements 0.92986
published_at 2026-04-16T12:55:00Z
4
value 0.0983
scoring_system epss
scoring_elements 0.92988
published_at 2026-04-18T12:55:00Z
5
value 0.0983
scoring_system epss
scoring_elements 0.92995
published_at 2026-04-21T12:55:00Z
6
value 0.0983
scoring_system epss
scoring_elements 0.93
published_at 2026-04-24T12:55:00Z
7
value 0.0983
scoring_system epss
scoring_elements 0.93001
published_at 2026-04-26T12:55:00Z
8
value 0.0983
scoring_system epss
scoring_elements 0.92996
published_at 2026-04-29T12:55:00Z
9
value 0.0983
scoring_system epss
scoring_elements 0.93002
published_at 2026-05-05T12:55:00Z
10
value 0.0983
scoring_system epss
scoring_elements 0.92956
published_at 2026-04-02T12:55:00Z
11
value 0.0983
scoring_system epss
scoring_elements 0.92961
published_at 2026-04-04T12:55:00Z
12
value 0.0983
scoring_system epss
scoring_elements 0.9296
published_at 2026-04-07T12:55:00Z
13
value 0.0983
scoring_system epss
scoring_elements 0.92968
published_at 2026-04-08T12:55:00Z
14
value 0.0983
scoring_system epss
scoring_elements 0.92972
published_at 2026-04-09T12:55:00Z
15
value 0.0983
scoring_system epss
scoring_elements 0.92977
published_at 2026-04-11T12:55:00Z
16
value 0.10069
scoring_system epss
scoring_elements 0.9314
published_at 2026-05-09T12:55:00Z
17
value 0.10069
scoring_system epss
scoring_elements 0.9315
published_at 2026-05-12T12:55:00Z
18
value 0.10069
scoring_system epss
scoring_elements 0.93166
published_at 2026-05-14T12:55:00Z
19
value 0.10069
scoring_system epss
scoring_elements 0.93129
published_at 2026-05-07T12:55:00Z
20
value 0.10069
scoring_system epss
scoring_elements 0.93142
published_at 2026-05-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1247
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1247
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1247
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:S/C:C/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1390182
reference_id 1390182
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1390182
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842295
reference_id 842295
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842295
6
reference_url https://security.archlinux.org/ASA-201701-23
reference_id ASA-201701-23
reference_type
scores
url https://security.archlinux.org/ASA-201701-23
7
reference_url https://security.archlinux.org/ASA-201701-24
reference_id ASA-201701-24
reference_type
scores
url https://security.archlinux.org/ASA-201701-24
8
reference_url https://security.archlinux.org/AVG-138
reference_id AVG-138
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-138
9
reference_url https://security.archlinux.org/AVG-139
reference_id AVG-139
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-139
10
reference_url http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html
reference_id CVE-2016-1247
reference_type exploit
scores
url http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html
11
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40768.sh
reference_id CVE-2016-1247
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40768.sh
12
reference_url https://security.gentoo.org/glsa/201701-22
reference_id GLSA-201701-22
reference_type
scores
url https://security.gentoo.org/glsa/201701-22
13
reference_url https://usn.ubuntu.com/3114-1/
reference_id USN-3114-1
reference_type
scores
url https://usn.ubuntu.com/3114-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u5
purl pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-e49f-y1ky-5yb4
12
vulnerability VCID-eb23-pd25-yqg3
13
vulnerability VCID-fgaf-wqmd-gqf3
14
vulnerability VCID-jtgk-h6v6-2fgs
15
vulnerability VCID-kcsp-h1s5-wbea
16
vulnerability VCID-nckn-qkc8-t7ge
17
vulnerability VCID-p933-hxvk-37bk
18
vulnerability VCID-qzcz-zvv6-dyda
19
vulnerability VCID-rsr7-p977-tycc
20
vulnerability VCID-u8aq-2qhu-gff5
21
vulnerability VCID-wc3j-5xmu-kyex
22
vulnerability VCID-y3tg-7fge-1yfy
23
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5%252Bdeb8u5
1
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u1~bpo8%252B2
aliases CVE-2016-1247
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p933-hxvk-37bk
23
url VCID-pmrf-dxst-p7a7
vulnerability_id VCID-pmrf-dxst-p7a7
summary Request line parsing vulnerability
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4547
reference_id
reference_type
scores
0
value 0.90921
scoring_system epss
scoring_elements 0.99642
published_at 2026-05-14T12:55:00Z
1
value 0.90921
scoring_system epss
scoring_elements 0.9963
published_at 2026-04-04T12:55:00Z
2
value 0.90921
scoring_system epss
scoring_elements 0.99629
published_at 2026-04-02T12:55:00Z
3
value 0.90921
scoring_system epss
scoring_elements 0.99632
published_at 2026-04-12T12:55:00Z
4
value 0.90921
scoring_system epss
scoring_elements 0.99633
published_at 2026-04-16T12:55:00Z
5
value 0.90921
scoring_system epss
scoring_elements 0.99634
published_at 2026-04-18T12:55:00Z
6
value 0.90921
scoring_system epss
scoring_elements 0.99636
published_at 2026-04-24T12:55:00Z
7
value 0.90921
scoring_system epss
scoring_elements 0.99638
published_at 2026-05-05T12:55:00Z
8
value 0.90921
scoring_system epss
scoring_elements 0.99639
published_at 2026-05-09T12:55:00Z
9
value 0.90921
scoring_system epss
scoring_elements 0.9964
published_at 2026-05-11T12:55:00Z
10
value 0.90921
scoring_system epss
scoring_elements 0.99641
published_at 2026-05-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4547
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4547
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4547
2
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2013/000125.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2013/000125.html
3
reference_url https://nginx.org/download/patch.2013.space.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2013.space.txt
4
reference_url https://nginx.org/download/patch.2013.space.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2013.space.txt.asc
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730012
reference_id 730012
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730012
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4547
reference_id CVE-2013-4547
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2013-4547
7
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/38846.txt
reference_id CVE-2013-4547;OSVDB-100015
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/38846.txt
8
reference_url https://www.securityfocus.com/bid/63814/info
reference_id CVE-2013-4547;OSVDB-100015
reference_type exploit
scores
url https://www.securityfocus.com/bid/63814/info
fixed_packages
0
url pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
purl pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-asr7-uwpu-a7a5
6
vulnerability VCID-bana-j1wy-cfdy
7
vulnerability VCID-c4ta-jqmg-wfgf
8
vulnerability VCID-c9ym-ckeq-63dq
9
vulnerability VCID-cbn4-utmp-n7ba
10
vulnerability VCID-cjx4-a19z-xufq
11
vulnerability VCID-dmv4-ydq9-a7eq
12
vulnerability VCID-e49f-y1ky-5yb4
13
vulnerability VCID-eb23-pd25-yqg3
14
vulnerability VCID-fgaf-wqmd-gqf3
15
vulnerability VCID-jtgk-h6v6-2fgs
16
vulnerability VCID-kcsp-h1s5-wbea
17
vulnerability VCID-m1y8-m8z6-kyg9
18
vulnerability VCID-nckn-qkc8-t7ge
19
vulnerability VCID-p933-hxvk-37bk
20
vulnerability VCID-pmrf-dxst-p7a7
21
vulnerability VCID-qzcz-zvv6-dyda
22
vulnerability VCID-rsr7-p977-tycc
23
vulnerability VCID-u25m-v3f6-23dk
24
vulnerability VCID-u8aq-2qhu-gff5
25
vulnerability VCID-uqb5-ensa-8yht
26
vulnerability VCID-wc3j-5xmu-kyex
27
vulnerability VCID-x8ck-rceh-ukdw
28
vulnerability VCID-y3tg-7fge-1yfy
29
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.2.1-2.2%252Bwheezy4
1
url pkg:deb/debian/nginx@1.6.2-5
purl pkg:deb/debian/nginx@1.6.2-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-e49f-y1ky-5yb4
12
vulnerability VCID-eb23-pd25-yqg3
13
vulnerability VCID-fgaf-wqmd-gqf3
14
vulnerability VCID-jtgk-h6v6-2fgs
15
vulnerability VCID-kcsp-h1s5-wbea
16
vulnerability VCID-nckn-qkc8-t7ge
17
vulnerability VCID-p933-hxvk-37bk
18
vulnerability VCID-qzcz-zvv6-dyda
19
vulnerability VCID-rsr7-p977-tycc
20
vulnerability VCID-u8aq-2qhu-gff5
21
vulnerability VCID-uqb5-ensa-8yht
22
vulnerability VCID-wc3j-5xmu-kyex
23
vulnerability VCID-y3tg-7fge-1yfy
24
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5
aliases CVE-2013-4547
risk_score 7.0
exploitability 2.0
weighted_severity 3.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pmrf-dxst-p7a7
24
url VCID-qpfs-f882-gqd3
vulnerability_id VCID-qpfs-f882-gqd3
summary Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.
references
0
reference_url http://code.google.com/p/naxsi/
reference_id
reference_type
scores
url http://code.google.com/p/naxsi/
1
reference_url http://code.google.com/p/naxsi/source/detail?r=307
reference_id
reference_type
scores
url http://code.google.com/p/naxsi/source/detail?r=307
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3380
reference_id
reference_type
scores
0
value 0.0011
scoring_system epss
scoring_elements 0.28987
published_at 2026-05-14T12:55:00Z
1
value 0.0011
scoring_system epss
scoring_elements 0.28887
published_at 2026-05-11T12:55:00Z
2
value 0.0011
scoring_system epss
scoring_elements 0.28949
published_at 2026-05-07T12:55:00Z
3
value 0.0011
scoring_system epss
scoring_elements 0.28965
published_at 2026-05-09T12:55:00Z
4
value 0.0011
scoring_system epss
scoring_elements 0.28907
published_at 2026-05-12T12:55:00Z
5
value 0.00166
scoring_system epss
scoring_elements 0.37698
published_at 2026-04-09T12:55:00Z
6
value 0.00166
scoring_system epss
scoring_elements 0.37712
published_at 2026-04-11T12:55:00Z
7
value 0.00166
scoring_system epss
scoring_elements 0.37677
published_at 2026-04-12T12:55:00Z
8
value 0.00166
scoring_system epss
scoring_elements 0.37649
published_at 2026-04-13T12:55:00Z
9
value 0.00166
scoring_system epss
scoring_elements 0.37549
published_at 2026-04-01T12:55:00Z
10
value 0.00166
scoring_system epss
scoring_elements 0.37678
published_at 2026-04-18T12:55:00Z
11
value 0.00166
scoring_system epss
scoring_elements 0.37616
published_at 2026-04-21T12:55:00Z
12
value 0.00166
scoring_system epss
scoring_elements 0.3738
published_at 2026-04-24T12:55:00Z
13
value 0.00166
scoring_system epss
scoring_elements 0.3736
published_at 2026-04-26T12:55:00Z
14
value 0.00166
scoring_system epss
scoring_elements 0.3727
published_at 2026-04-29T12:55:00Z
15
value 0.00166
scoring_system epss
scoring_elements 0.37696
published_at 2026-04-16T12:55:00Z
16
value 0.00166
scoring_system epss
scoring_elements 0.37731
published_at 2026-04-02T12:55:00Z
17
value 0.00166
scoring_system epss
scoring_elements 0.37756
published_at 2026-04-04T12:55:00Z
18
value 0.00166
scoring_system epss
scoring_elements 0.37633
published_at 2026-04-07T12:55:00Z
19
value 0.00166
scoring_system epss
scoring_elements 0.37685
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3380
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3380
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3380
4
reference_url http://secunia.com/advisories/49811
reference_id
reference_type
scores
url http://secunia.com/advisories/49811
5
reference_url http://www.openwall.com/lists/oss-security/2012/07/05/1
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2012/07/05/1
6
reference_url http://www.openwall.com/lists/oss-security/2012/07/06/3
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2012/07/06/3
7
reference_url http://www.osvdb.org/83617
reference_id
reference_type
scores
url http://www.osvdb.org/83617
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wargio:naxsi:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:wargio:naxsi:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wargio:naxsi:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3380
reference_id CVE-2012-3380
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2012-3380
fixed_packages
0
url pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
purl pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-asr7-uwpu-a7a5
6
vulnerability VCID-bana-j1wy-cfdy
7
vulnerability VCID-c4ta-jqmg-wfgf
8
vulnerability VCID-c9ym-ckeq-63dq
9
vulnerability VCID-cbn4-utmp-n7ba
10
vulnerability VCID-cjx4-a19z-xufq
11
vulnerability VCID-dmv4-ydq9-a7eq
12
vulnerability VCID-e49f-y1ky-5yb4
13
vulnerability VCID-eb23-pd25-yqg3
14
vulnerability VCID-fgaf-wqmd-gqf3
15
vulnerability VCID-jtgk-h6v6-2fgs
16
vulnerability VCID-kcsp-h1s5-wbea
17
vulnerability VCID-m1y8-m8z6-kyg9
18
vulnerability VCID-nckn-qkc8-t7ge
19
vulnerability VCID-p933-hxvk-37bk
20
vulnerability VCID-pmrf-dxst-p7a7
21
vulnerability VCID-qzcz-zvv6-dyda
22
vulnerability VCID-rsr7-p977-tycc
23
vulnerability VCID-u25m-v3f6-23dk
24
vulnerability VCID-u8aq-2qhu-gff5
25
vulnerability VCID-uqb5-ensa-8yht
26
vulnerability VCID-wc3j-5xmu-kyex
27
vulnerability VCID-x8ck-rceh-ukdw
28
vulnerability VCID-y3tg-7fge-1yfy
29
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.2.1-2.2%252Bwheezy4
aliases CVE-2012-3380
risk_score 0.9
exploitability 0.5
weighted_severity 1.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qpfs-f882-gqd3
25
url VCID-qzcz-zvv6-dyda
vulnerability_id VCID-qzcz-zvv6-dyda
summary Invalid pointer dereference in resolver
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
1
reference_url http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
reference_id
reference_type
scores
url http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0742.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0742.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0742
reference_id
reference_type
scores
0
value 0.78788
scoring_system epss
scoring_elements 0.99057
published_at 2026-04-29T12:55:00Z
1
value 0.78788
scoring_system epss
scoring_elements 0.99059
published_at 2026-05-05T12:55:00Z
2
value 0.79078
scoring_system epss
scoring_elements 0.99076
published_at 2026-05-09T12:55:00Z
3
value 0.79078
scoring_system epss
scoring_elements 0.99078
published_at 2026-05-14T12:55:00Z
4
value 0.79078
scoring_system epss
scoring_elements 0.99077
published_at 2026-05-12T12:55:00Z
5
value 0.79078
scoring_system epss
scoring_elements 0.99075
published_at 2026-05-07T12:55:00Z
6
value 0.80364
scoring_system epss
scoring_elements 0.99122
published_at 2026-04-13T12:55:00Z
7
value 0.80364
scoring_system epss
scoring_elements 0.99125
published_at 2026-04-18T12:55:00Z
8
value 0.80364
scoring_system epss
scoring_elements 0.99128
published_at 2026-04-21T12:55:00Z
9
value 0.80364
scoring_system epss
scoring_elements 0.99131
published_at 2026-04-24T12:55:00Z
10
value 0.80364
scoring_system epss
scoring_elements 0.99132
published_at 2026-04-26T12:55:00Z
11
value 0.80364
scoring_system epss
scoring_elements 0.99124
published_at 2026-04-16T12:55:00Z
12
value 0.80364
scoring_system epss
scoring_elements 0.99113
published_at 2026-04-01T12:55:00Z
13
value 0.80364
scoring_system epss
scoring_elements 0.99114
published_at 2026-04-02T12:55:00Z
14
value 0.80364
scoring_system epss
scoring_elements 0.99117
published_at 2026-04-04T12:55:00Z
15
value 0.80364
scoring_system epss
scoring_elements 0.9912
published_at 2026-04-07T12:55:00Z
16
value 0.80364
scoring_system epss
scoring_elements 0.99121
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0742
4
reference_url https://bto.bluecoat.com/security-advisory/sa115
reference_id
reference_type
scores
url https://bto.bluecoat.com/security-advisory/sa115
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
8
reference_url http://seclists.org/fulldisclosure/2021/Sep/36
reference_id
reference_type
scores
url http://seclists.org/fulldisclosure/2021/Sep/36
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html
11
reference_url https://support.apple.com/kb/HT212818
reference_id
reference_type
scores
url https://support.apple.com/kb/HT212818
12
reference_url http://www.debian.org/security/2016/dsa-3473
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3473
13
reference_url http://www.securitytracker.com/id/1034869
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1034869
14
reference_url http://www.ubuntu.com/usn/USN-2892-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2892-1
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1302587
reference_id 1302587
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1302587
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806
reference_id 812806
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0742
reference_id CVE-2016-0742
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-0742
27
reference_url https://security.gentoo.org/glsa/201606-06
reference_id GLSA-201606-06
reference_type
scores
url https://security.gentoo.org/glsa/201606-06
28
reference_url https://access.redhat.com/errata/RHSA-2016:1425
reference_id RHSA-2016:1425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1425
29
reference_url https://usn.ubuntu.com/2892-1/
reference_id USN-2892-1
reference_type
scores
url https://usn.ubuntu.com/2892-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
purl pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-asr7-uwpu-a7a5
6
vulnerability VCID-bana-j1wy-cfdy
7
vulnerability VCID-c4ta-jqmg-wfgf
8
vulnerability VCID-c9ym-ckeq-63dq
9
vulnerability VCID-cbn4-utmp-n7ba
10
vulnerability VCID-cjx4-a19z-xufq
11
vulnerability VCID-dmv4-ydq9-a7eq
12
vulnerability VCID-e49f-y1ky-5yb4
13
vulnerability VCID-eb23-pd25-yqg3
14
vulnerability VCID-fgaf-wqmd-gqf3
15
vulnerability VCID-jtgk-h6v6-2fgs
16
vulnerability VCID-kcsp-h1s5-wbea
17
vulnerability VCID-m1y8-m8z6-kyg9
18
vulnerability VCID-nckn-qkc8-t7ge
19
vulnerability VCID-p933-hxvk-37bk
20
vulnerability VCID-pmrf-dxst-p7a7
21
vulnerability VCID-qzcz-zvv6-dyda
22
vulnerability VCID-rsr7-p977-tycc
23
vulnerability VCID-u25m-v3f6-23dk
24
vulnerability VCID-u8aq-2qhu-gff5
25
vulnerability VCID-uqb5-ensa-8yht
26
vulnerability VCID-wc3j-5xmu-kyex
27
vulnerability VCID-x8ck-rceh-ukdw
28
vulnerability VCID-y3tg-7fge-1yfy
29
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.2.1-2.2%252Bwheezy4
1
url pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u2~bpo70%2B1
purl pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u2~bpo70%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-e49f-y1ky-5yb4
12
vulnerability VCID-eb23-pd25-yqg3
13
vulnerability VCID-fgaf-wqmd-gqf3
14
vulnerability VCID-jtgk-h6v6-2fgs
15
vulnerability VCID-kcsp-h1s5-wbea
16
vulnerability VCID-nckn-qkc8-t7ge
17
vulnerability VCID-p933-hxvk-37bk
18
vulnerability VCID-qzcz-zvv6-dyda
19
vulnerability VCID-rsr7-p977-tycc
20
vulnerability VCID-u8aq-2qhu-gff5
21
vulnerability VCID-uqb5-ensa-8yht
22
vulnerability VCID-wc3j-5xmu-kyex
23
vulnerability VCID-y3tg-7fge-1yfy
24
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5%252Bdeb8u2~bpo70%252B1
2
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u1~bpo8%252B2
aliases CVE-2016-0742
risk_score 10.0
exploitability 2.0
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qzcz-zvv6-dyda
26
url VCID-rsr7-p977-tycc
vulnerability_id VCID-rsr7-p977-tycc
summary NULL pointer dereference while writing client request body
references
0
reference_url http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html
reference_id
reference_type
scores
url http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4450.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4450.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4450
reference_id
reference_type
scores
0
value 0.03471
scoring_system epss
scoring_elements 0.87624
published_at 2026-05-11T12:55:00Z
1
value 0.03471
scoring_system epss
scoring_elements 0.8767
published_at 2026-05-14T12:55:00Z
2
value 0.03471
scoring_system epss
scoring_elements 0.87628
published_at 2026-05-09T12:55:00Z
3
value 0.03471
scoring_system epss
scoring_elements 0.87637
published_at 2026-05-12T12:55:00Z
4
value 0.03471
scoring_system epss
scoring_elements 0.87596
published_at 2026-05-05T12:55:00Z
5
value 0.03471
scoring_system epss
scoring_elements 0.8761
published_at 2026-05-07T12:55:00Z
6
value 0.04016
scoring_system epss
scoring_elements 0.88451
published_at 2026-04-09T12:55:00Z
7
value 0.04016
scoring_system epss
scoring_elements 0.88462
published_at 2026-04-11T12:55:00Z
8
value 0.04016
scoring_system epss
scoring_elements 0.88454
published_at 2026-04-12T12:55:00Z
9
value 0.04016
scoring_system epss
scoring_elements 0.88468
published_at 2026-04-16T12:55:00Z
10
value 0.04016
scoring_system epss
scoring_elements 0.88465
published_at 2026-04-18T12:55:00Z
11
value 0.04016
scoring_system epss
scoring_elements 0.88463
published_at 2026-04-21T12:55:00Z
12
value 0.04016
scoring_system epss
scoring_elements 0.8848
published_at 2026-04-24T12:55:00Z
13
value 0.04016
scoring_system epss
scoring_elements 0.88485
published_at 2026-04-29T12:55:00Z
14
value 0.04016
scoring_system epss
scoring_elements 0.88453
published_at 2026-04-13T12:55:00Z
15
value 0.04016
scoring_system epss
scoring_elements 0.88405
published_at 2026-04-01T12:55:00Z
16
value 0.04016
scoring_system epss
scoring_elements 0.88414
published_at 2026-04-02T12:55:00Z
17
value 0.04016
scoring_system epss
scoring_elements 0.88422
published_at 2026-04-04T12:55:00Z
18
value 0.04016
scoring_system epss
scoring_elements 0.88426
published_at 2026-04-07T12:55:00Z
19
value 0.04016
scoring_system epss
scoring_elements 0.88445
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4450
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html
6
reference_url https://nginx.org/download/patch.2016.write2.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2016.write2.txt
7
reference_url https://nginx.org/download/patch.2016.write2.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2016.write2.txt.asc
8
reference_url https://nginx.org/download/patch.2016.write.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2016.write.txt
9
reference_url https://nginx.org/download/patch.2016.write.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2016.write.txt.asc
10
reference_url http://www.debian.org/security/2016/dsa-3592
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3592
11
reference_url http://www.securityfocus.com/bid/90967
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/90967
12
reference_url http://www.securitytracker.com/id/1036019
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1036019
13
reference_url http://www.ubuntu.com/usn/USN-2991-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2991-1
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1341462
reference_id 1341462
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1341462
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825960
reference_id 825960
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825960
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:1.11.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:1.11.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:1.11.0:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-4450
reference_id CVE-2016-4450
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-4450
23
reference_url https://security.gentoo.org/glsa/201606-06
reference_id GLSA-201606-06
reference_type
scores
url https://security.gentoo.org/glsa/201606-06
24
reference_url https://access.redhat.com/errata/RHSA-2016:1425
reference_id RHSA-2016:1425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1425
25
reference_url https://usn.ubuntu.com/2991-1/
reference_id USN-2991-1
reference_type
scores
url https://usn.ubuntu.com/2991-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u5
purl pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-e49f-y1ky-5yb4
12
vulnerability VCID-eb23-pd25-yqg3
13
vulnerability VCID-fgaf-wqmd-gqf3
14
vulnerability VCID-jtgk-h6v6-2fgs
15
vulnerability VCID-kcsp-h1s5-wbea
16
vulnerability VCID-nckn-qkc8-t7ge
17
vulnerability VCID-p933-hxvk-37bk
18
vulnerability VCID-qzcz-zvv6-dyda
19
vulnerability VCID-rsr7-p977-tycc
20
vulnerability VCID-u8aq-2qhu-gff5
21
vulnerability VCID-wc3j-5xmu-kyex
22
vulnerability VCID-y3tg-7fge-1yfy
23
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5%252Bdeb8u5
1
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u1~bpo8%252B2
aliases CVE-2016-4450
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rsr7-p977-tycc
27
url VCID-u25m-v3f6-23dk
vulnerability_id VCID-u25m-v3f6-23dk
summary Memory disclosure with specially crafted HTTP backend responses
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105950.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105950.html
1
reference_url http://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html
reference_id
reference_type
scores
url http://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html
2
reference_url http://nginx.org/download/patch.2013.proxy.txt
reference_id
reference_type
scores
url http://nginx.org/download/patch.2013.proxy.txt
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-2070
reference_id
reference_type
scores
0
value 0.04601
scoring_system epss
scoring_elements 0.89321
published_at 2026-05-09T12:55:00Z
1
value 0.04601
scoring_system epss
scoring_elements 0.892
published_at 2026-04-01T12:55:00Z
2
value 0.04601
scoring_system epss
scoring_elements 0.89329
published_at 2026-05-12T12:55:00Z
3
value 0.04601
scoring_system epss
scoring_elements 0.89318
published_at 2026-05-11T12:55:00Z
4
value 0.04601
scoring_system epss
scoring_elements 0.89206
published_at 2026-04-02T12:55:00Z
5
value 0.04601
scoring_system epss
scoring_elements 0.8922
published_at 2026-04-04T12:55:00Z
6
value 0.04601
scoring_system epss
scoring_elements 0.89222
published_at 2026-04-07T12:55:00Z
7
value 0.04601
scoring_system epss
scoring_elements 0.8924
published_at 2026-04-08T12:55:00Z
8
value 0.04601
scoring_system epss
scoring_elements 0.89245
published_at 2026-04-09T12:55:00Z
9
value 0.04601
scoring_system epss
scoring_elements 0.89255
published_at 2026-04-21T12:55:00Z
10
value 0.04601
scoring_system epss
scoring_elements 0.89251
published_at 2026-04-12T12:55:00Z
11
value 0.04601
scoring_system epss
scoring_elements 0.89248
published_at 2026-04-13T12:55:00Z
12
value 0.04601
scoring_system epss
scoring_elements 0.8926
published_at 2026-04-16T12:55:00Z
13
value 0.04601
scoring_system epss
scoring_elements 0.89261
published_at 2026-04-18T12:55:00Z
14
value 0.04601
scoring_system epss
scoring_elements 0.89273
published_at 2026-04-24T12:55:00Z
15
value 0.04601
scoring_system epss
scoring_elements 0.89278
published_at 2026-04-26T12:55:00Z
16
value 0.04601
scoring_system epss
scoring_elements 0.89282
published_at 2026-04-29T12:55:00Z
17
value 0.04601
scoring_system epss
scoring_elements 0.89291
published_at 2026-05-05T12:55:00Z
18
value 0.04601
scoring_system epss
scoring_elements 0.89309
published_at 2026-05-07T12:55:00Z
19
value 0.06821
scoring_system epss
scoring_elements 0.91425
published_at 2026-05-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-2070
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=962525
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=962525
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2070
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2070
6
reference_url http://seclists.org/oss-sec/2013/q2/291
reference_id
reference_type
scores
url http://seclists.org/oss-sec/2013/q2/291
7
reference_url http://secunia.com/advisories/55181
reference_id
reference_type
scores
url http://secunia.com/advisories/55181
8
reference_url http://security.gentoo.org/glsa/glsa-201310-04.xml
reference_id
reference_type
scores
url http://security.gentoo.org/glsa/glsa-201310-04.xml
9
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/84172
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/84172
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html
12
reference_url https://nginx.org/download/patch.2013.chunked.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2013.chunked.txt
13
reference_url https://nginx.org/download/patch.2013.chunked.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2013.chunked.txt.asc
14
reference_url https://nginx.org/download/patch.2013.proxy.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2013.proxy.txt
15
reference_url https://nginx.org/download/patch.2013.proxy.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2013.proxy.txt.asc
16
reference_url http://www.debian.org/security/2013/dsa-2721
reference_id
reference_type
scores
url http://www.debian.org/security/2013/dsa-2721
17
reference_url http://www.openwall.com/lists/oss-security/2013/05/13/3
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2013/05/13/3
18
reference_url http://www.securityfocus.com/bid/59824
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/59824
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708164
reference_id 708164
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708164
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-2070
reference_id CVE-2013-2070
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2013-2070
24
reference_url https://security.gentoo.org/glsa/201310-04
reference_id GLSA-201310-04
reference_type
scores
url https://security.gentoo.org/glsa/201310-04
fixed_packages
0
url pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
purl pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-asr7-uwpu-a7a5
6
vulnerability VCID-bana-j1wy-cfdy
7
vulnerability VCID-c4ta-jqmg-wfgf
8
vulnerability VCID-c9ym-ckeq-63dq
9
vulnerability VCID-cbn4-utmp-n7ba
10
vulnerability VCID-cjx4-a19z-xufq
11
vulnerability VCID-dmv4-ydq9-a7eq
12
vulnerability VCID-e49f-y1ky-5yb4
13
vulnerability VCID-eb23-pd25-yqg3
14
vulnerability VCID-fgaf-wqmd-gqf3
15
vulnerability VCID-jtgk-h6v6-2fgs
16
vulnerability VCID-kcsp-h1s5-wbea
17
vulnerability VCID-m1y8-m8z6-kyg9
18
vulnerability VCID-nckn-qkc8-t7ge
19
vulnerability VCID-p933-hxvk-37bk
20
vulnerability VCID-pmrf-dxst-p7a7
21
vulnerability VCID-qzcz-zvv6-dyda
22
vulnerability VCID-rsr7-p977-tycc
23
vulnerability VCID-u25m-v3f6-23dk
24
vulnerability VCID-u8aq-2qhu-gff5
25
vulnerability VCID-uqb5-ensa-8yht
26
vulnerability VCID-wc3j-5xmu-kyex
27
vulnerability VCID-x8ck-rceh-ukdw
28
vulnerability VCID-y3tg-7fge-1yfy
29
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.2.1-2.2%252Bwheezy4
1
url pkg:deb/debian/nginx@1.6.2-5
purl pkg:deb/debian/nginx@1.6.2-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-e49f-y1ky-5yb4
12
vulnerability VCID-eb23-pd25-yqg3
13
vulnerability VCID-fgaf-wqmd-gqf3
14
vulnerability VCID-jtgk-h6v6-2fgs
15
vulnerability VCID-kcsp-h1s5-wbea
16
vulnerability VCID-nckn-qkc8-t7ge
17
vulnerability VCID-p933-hxvk-37bk
18
vulnerability VCID-qzcz-zvv6-dyda
19
vulnerability VCID-rsr7-p977-tycc
20
vulnerability VCID-u8aq-2qhu-gff5
21
vulnerability VCID-uqb5-ensa-8yht
22
vulnerability VCID-wc3j-5xmu-kyex
23
vulnerability VCID-y3tg-7fge-1yfy
24
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5
aliases CVE-2013-2070
risk_score 2.6
exploitability 0.5
weighted_severity 5.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u25m-v3f6-23dk
28
url VCID-u8aq-2qhu-gff5
vulnerability_id VCID-u8aq-2qhu-gff5
summary ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3618.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3618.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3618
reference_id
reference_type
scores
0
value 0.00615
scoring_system epss
scoring_elements 0.69833
published_at 2026-04-01T12:55:00Z
1
value 0.00615
scoring_system epss
scoring_elements 0.70083
published_at 2026-05-14T12:55:00Z
2
value 0.00615
scoring_system epss
scoring_elements 0.69965
published_at 2026-05-05T12:55:00Z
3
value 0.00615
scoring_system epss
scoring_elements 0.70007
published_at 2026-05-11T12:55:00Z
4
value 0.00615
scoring_system epss
scoring_elements 0.70037
published_at 2026-05-09T12:55:00Z
5
value 0.00615
scoring_system epss
scoring_elements 0.70034
published_at 2026-05-12T12:55:00Z
6
value 0.00615
scoring_system epss
scoring_elements 0.69845
published_at 2026-04-02T12:55:00Z
7
value 0.00615
scoring_system epss
scoring_elements 0.6986
published_at 2026-04-04T12:55:00Z
8
value 0.00615
scoring_system epss
scoring_elements 0.69837
published_at 2026-04-07T12:55:00Z
9
value 0.00615
scoring_system epss
scoring_elements 0.69886
published_at 2026-04-08T12:55:00Z
10
value 0.00615
scoring_system epss
scoring_elements 0.69902
published_at 2026-04-09T12:55:00Z
11
value 0.00615
scoring_system epss
scoring_elements 0.69925
published_at 2026-04-11T12:55:00Z
12
value 0.00615
scoring_system epss
scoring_elements 0.6991
published_at 2026-04-12T12:55:00Z
13
value 0.00615
scoring_system epss
scoring_elements 0.69896
published_at 2026-04-13T12:55:00Z
14
value 0.00615
scoring_system epss
scoring_elements 0.69937
published_at 2026-04-16T12:55:00Z
15
value 0.00615
scoring_system epss
scoring_elements 0.69946
published_at 2026-04-18T12:55:00Z
16
value 0.00615
scoring_system epss
scoring_elements 0.69928
published_at 2026-04-21T12:55:00Z
17
value 0.00615
scoring_system epss
scoring_elements 0.69979
published_at 2026-04-24T12:55:00Z
18
value 0.00615
scoring_system epss
scoring_elements 0.69988
published_at 2026-04-26T12:55:00Z
19
value 0.00615
scoring_system epss
scoring_elements 0.69989
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3618
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1975623
reference_id 1975623
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1975623
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
reference_id 991328
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
reference_id 991329
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
reference_id 991331
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
8
reference_url https://security.archlinux.org/AVG-2101
reference_id AVG-2101
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2101
9
reference_url https://security.archlinux.org/AVG-2102
reference_id AVG-2102
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2102
10
reference_url https://security.archlinux.org/AVG-2103
reference_id AVG-2103
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2103
11
reference_url https://usn.ubuntu.com/5371-1/
reference_id USN-5371-1
reference_type
scores
url https://usn.ubuntu.com/5371-1/
12
reference_url https://usn.ubuntu.com/5371-2/
reference_id USN-5371-2
reference_type
scores
url https://usn.ubuntu.com/5371-2/
13
reference_url https://usn.ubuntu.com/6379-1/
reference_id USN-6379-1
reference_type
scores
url https://usn.ubuntu.com/6379-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-2cu7-pyw5-t3dm
2
vulnerability VCID-3czf-dtzg-8kdm
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-d1c6-dt2p-9kaa
6
vulnerability VCID-eb23-pd25-yqg3
7
vulnerability VCID-fmvd-vyt7-mkfk
8
vulnerability VCID-hemy-pnpj-sfg3
9
vulnerability VCID-kpjx-rrjs-subs
10
vulnerability VCID-sxf9-qr1j-u3et
11
vulnerability VCID-y3tg-7fge-1yfy
12
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3
aliases CVE-2021-3618
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u8aq-2qhu-gff5
29
url VCID-uqb5-ensa-8yht
vulnerability_id VCID-uqb5-ensa-8yht
summary regression update
references
fixed_packages
0
url pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u5
purl pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-e49f-y1ky-5yb4
12
vulnerability VCID-eb23-pd25-yqg3
13
vulnerability VCID-fgaf-wqmd-gqf3
14
vulnerability VCID-jtgk-h6v6-2fgs
15
vulnerability VCID-kcsp-h1s5-wbea
16
vulnerability VCID-nckn-qkc8-t7ge
17
vulnerability VCID-p933-hxvk-37bk
18
vulnerability VCID-qzcz-zvv6-dyda
19
vulnerability VCID-rsr7-p977-tycc
20
vulnerability VCID-u8aq-2qhu-gff5
21
vulnerability VCID-wc3j-5xmu-kyex
22
vulnerability VCID-y3tg-7fge-1yfy
23
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5%252Bdeb8u5
aliases DSA-3701-2 nginx
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uqb5-ensa-8yht
30
url VCID-wc3j-5xmu-kyex
vulnerability_id VCID-wc3j-5xmu-kyex
summary Memory disclosure in the ngx_http_mp4_module
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41742.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41742.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41742
reference_id
reference_type
scores
0
value 0.00095
scoring_system epss
scoring_elements 0.26344
published_at 2026-04-16T12:55:00Z
1
value 0.00095
scoring_system epss
scoring_elements 0.26179
published_at 2026-05-14T12:55:00Z
2
value 0.00095
scoring_system epss
scoring_elements 0.26098
published_at 2026-05-12T12:55:00Z
3
value 0.00095
scoring_system epss
scoring_elements 0.2608
published_at 2026-05-11T12:55:00Z
4
value 0.00095
scoring_system epss
scoring_elements 0.26155
published_at 2026-05-09T12:55:00Z
5
value 0.00095
scoring_system epss
scoring_elements 0.26101
published_at 2026-05-07T12:55:00Z
6
value 0.00095
scoring_system epss
scoring_elements 0.26035
published_at 2026-05-05T12:55:00Z
7
value 0.00095
scoring_system epss
scoring_elements 0.26154
published_at 2026-04-29T12:55:00Z
8
value 0.00095
scoring_system epss
scoring_elements 0.26206
published_at 2026-04-26T12:55:00Z
9
value 0.00095
scoring_system epss
scoring_elements 0.26212
published_at 2026-04-24T12:55:00Z
10
value 0.00095
scoring_system epss
scoring_elements 0.26318
published_at 2026-04-18T12:55:00Z
11
value 0.00095
scoring_system epss
scoring_elements 0.26281
published_at 2026-04-21T12:55:00Z
12
value 0.00097
scoring_system epss
scoring_elements 0.27047
published_at 2026-04-04T12:55:00Z
13
value 0.00097
scoring_system epss
scoring_elements 0.2701
published_at 2026-04-02T12:55:00Z
14
value 0.00097
scoring_system epss
scoring_elements 0.26837
published_at 2026-04-07T12:55:00Z
15
value 0.00097
scoring_system epss
scoring_elements 0.26906
published_at 2026-04-08T12:55:00Z
16
value 0.00097
scoring_system epss
scoring_elements 0.26953
published_at 2026-04-09T12:55:00Z
17
value 0.00097
scoring_system epss
scoring_elements 0.26956
published_at 2026-04-11T12:55:00Z
18
value 0.00097
scoring_system epss
scoring_elements 0.26912
published_at 2026-04-12T12:55:00Z
19
value 0.00097
scoring_system epss
scoring_elements 0.26855
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41742
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41741
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41741
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41742
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html
6
reference_url https://nginx.org/download/patch.2022.mp4.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2022.mp4.txt
7
reference_url https://nginx.org/download/patch.2022.mp4.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2022.mp4.txt.asc
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2141496
reference_id 2141496
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2141496
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/
reference_id BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41742
reference_id CVE-2022-41742
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-41742
11
reference_url https://www.debian.org/security/2022/dsa-5281
reference_id dsa-5281
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/
url https://www.debian.org/security/2022/dsa-5281
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/
reference_id FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/
13
reference_url https://support.f5.com/csp/article/K28112382
reference_id K28112382
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/
url https://support.f5.com/csp/article/K28112382
14
reference_url https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html
reference_id msg00031.html
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/
url https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html
15
reference_url https://security.netapp.com/advisory/ntap-20230120-0005/
reference_id ntap-20230120-0005
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/
url https://security.netapp.com/advisory/ntap-20230120-0005/
16
reference_url https://access.redhat.com/errata/RHSA-2025:7402
reference_id RHSA-2025:7402
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7402
17
reference_url https://access.redhat.com/errata/RHSA-2025:7546
reference_id RHSA-2025:7546
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7546
18
reference_url https://access.redhat.com/errata/RHSA-2025:7619
reference_id RHSA-2025:7619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7619
19
reference_url https://usn.ubuntu.com/5722-1/
reference_id USN-5722-1
reference_type
scores
url https://usn.ubuntu.com/5722-1/
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/
reference_id WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/
fixed_packages
0
url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-2cu7-pyw5-t3dm
2
vulnerability VCID-3czf-dtzg-8kdm
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-d1c6-dt2p-9kaa
6
vulnerability VCID-eb23-pd25-yqg3
7
vulnerability VCID-fmvd-vyt7-mkfk
8
vulnerability VCID-hemy-pnpj-sfg3
9
vulnerability VCID-kpjx-rrjs-subs
10
vulnerability VCID-sxf9-qr1j-u3et
11
vulnerability VCID-y3tg-7fge-1yfy
12
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3
aliases CVE-2022-41742
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wc3j-5xmu-kyex
31
url VCID-wsxq-wqqr-n3ey
vulnerability_id VCID-wsxq-wqqr-n3ey
summary Memory disclosure with specially crafted backend responses
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1180
reference_id
reference_type
scores
0
value 0.03062
scoring_system epss
scoring_elements 0.86659
published_at 2026-04-01T12:55:00Z
1
value 0.03062
scoring_system epss
scoring_elements 0.86669
published_at 2026-04-02T12:55:00Z
2
value 0.03062
scoring_system epss
scoring_elements 0.86688
published_at 2026-04-04T12:55:00Z
3
value 0.03062
scoring_system epss
scoring_elements 0.86687
published_at 2026-04-07T12:55:00Z
4
value 0.03062
scoring_system epss
scoring_elements 0.86706
published_at 2026-04-08T12:55:00Z
5
value 0.03062
scoring_system epss
scoring_elements 0.86716
published_at 2026-04-09T12:55:00Z
6
value 0.03062
scoring_system epss
scoring_elements 0.86729
published_at 2026-04-11T12:55:00Z
7
value 0.03062
scoring_system epss
scoring_elements 0.86727
published_at 2026-04-12T12:55:00Z
8
value 0.03062
scoring_system epss
scoring_elements 0.8672
published_at 2026-04-13T12:55:00Z
9
value 0.03062
scoring_system epss
scoring_elements 0.86734
published_at 2026-04-16T12:55:00Z
10
value 0.03062
scoring_system epss
scoring_elements 0.86739
published_at 2026-04-18T12:55:00Z
11
value 0.03062
scoring_system epss
scoring_elements 0.86736
published_at 2026-04-21T12:55:00Z
12
value 0.03062
scoring_system epss
scoring_elements 0.86753
published_at 2026-04-24T12:55:00Z
13
value 0.03062
scoring_system epss
scoring_elements 0.86761
published_at 2026-04-29T12:55:00Z
14
value 0.03062
scoring_system epss
scoring_elements 0.86782
published_at 2026-05-05T12:55:00Z
15
value 0.03062
scoring_system epss
scoring_elements 0.86801
published_at 2026-05-07T12:55:00Z
16
value 0.03062
scoring_system epss
scoring_elements 0.86818
published_at 2026-05-09T12:55:00Z
17
value 0.03062
scoring_system epss
scoring_elements 0.86814
published_at 2026-05-11T12:55:00Z
18
value 0.03062
scoring_system epss
scoring_elements 0.86825
published_at 2026-05-12T12:55:00Z
19
value 0.03062
scoring_system epss
scoring_elements 0.86857
published_at 2026-05-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1180
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1180
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1180
2
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2012/000076.html
reference_id
reference_type
scores
url https://mailman.nginx.org/pipermail/nginx-announce/2012/000076.html
3
reference_url https://nginx.org/download/patch.2012.memory.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2012.memory.txt
4
reference_url https://nginx.org/download/patch.2012.memory.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2012.memory.txt.asc
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664137
reference_id 664137
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664137
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-1180
reference_id CVE-2012-1180
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2012-1180
7
reference_url https://security.gentoo.org/glsa/201203-22
reference_id GLSA-201203-22
reference_type
scores
url https://security.gentoo.org/glsa/201203-22
fixed_packages
0
url pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
purl pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-asr7-uwpu-a7a5
6
vulnerability VCID-bana-j1wy-cfdy
7
vulnerability VCID-c4ta-jqmg-wfgf
8
vulnerability VCID-c9ym-ckeq-63dq
9
vulnerability VCID-cbn4-utmp-n7ba
10
vulnerability VCID-cjx4-a19z-xufq
11
vulnerability VCID-dmv4-ydq9-a7eq
12
vulnerability VCID-e49f-y1ky-5yb4
13
vulnerability VCID-eb23-pd25-yqg3
14
vulnerability VCID-fgaf-wqmd-gqf3
15
vulnerability VCID-jtgk-h6v6-2fgs
16
vulnerability VCID-kcsp-h1s5-wbea
17
vulnerability VCID-m1y8-m8z6-kyg9
18
vulnerability VCID-nckn-qkc8-t7ge
19
vulnerability VCID-p933-hxvk-37bk
20
vulnerability VCID-pmrf-dxst-p7a7
21
vulnerability VCID-qzcz-zvv6-dyda
22
vulnerability VCID-rsr7-p977-tycc
23
vulnerability VCID-u25m-v3f6-23dk
24
vulnerability VCID-u8aq-2qhu-gff5
25
vulnerability VCID-uqb5-ensa-8yht
26
vulnerability VCID-wc3j-5xmu-kyex
27
vulnerability VCID-x8ck-rceh-ukdw
28
vulnerability VCID-y3tg-7fge-1yfy
29
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.2.1-2.2%252Bwheezy4
aliases CVE-2012-1180
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wsxq-wqqr-n3ey
32
url VCID-x8ck-rceh-ukdw
vulnerability_id VCID-x8ck-rceh-ukdw
summary SSL session reuse vulnerability
references
0
reference_url http://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html
reference_id
reference_type
scores
url http://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3616.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3616.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3616
reference_id
reference_type
scores
0
value 0.02435
scoring_system epss
scoring_elements 0.85316
published_at 2026-05-14T12:55:00Z
1
value 0.02435
scoring_system epss
scoring_elements 0.8509
published_at 2026-04-01T12:55:00Z
2
value 0.02435
scoring_system epss
scoring_elements 0.85266
published_at 2026-05-11T12:55:00Z
3
value 0.02435
scoring_system epss
scoring_elements 0.85281
published_at 2026-05-12T12:55:00Z
4
value 0.02435
scoring_system epss
scoring_elements 0.85103
published_at 2026-04-02T12:55:00Z
5
value 0.02435
scoring_system epss
scoring_elements 0.8512
published_at 2026-04-04T12:55:00Z
6
value 0.02435
scoring_system epss
scoring_elements 0.85124
published_at 2026-04-07T12:55:00Z
7
value 0.02435
scoring_system epss
scoring_elements 0.85145
published_at 2026-04-08T12:55:00Z
8
value 0.02435
scoring_system epss
scoring_elements 0.85153
published_at 2026-04-09T12:55:00Z
9
value 0.02435
scoring_system epss
scoring_elements 0.85167
published_at 2026-04-11T12:55:00Z
10
value 0.02435
scoring_system epss
scoring_elements 0.85165
published_at 2026-04-12T12:55:00Z
11
value 0.02435
scoring_system epss
scoring_elements 0.85161
published_at 2026-04-13T12:55:00Z
12
value 0.02435
scoring_system epss
scoring_elements 0.85182
published_at 2026-04-21T12:55:00Z
13
value 0.02435
scoring_system epss
scoring_elements 0.85183
published_at 2026-04-18T12:55:00Z
14
value 0.02435
scoring_system epss
scoring_elements 0.85205
published_at 2026-04-24T12:55:00Z
15
value 0.02435
scoring_system epss
scoring_elements 0.85214
published_at 2026-04-26T12:55:00Z
16
value 0.02435
scoring_system epss
scoring_elements 0.85212
published_at 2026-04-29T12:55:00Z
17
value 0.02435
scoring_system epss
scoring_elements 0.85226
published_at 2026-05-05T12:55:00Z
18
value 0.02435
scoring_system epss
scoring_elements 0.85252
published_at 2026-05-07T12:55:00Z
19
value 0.02435
scoring_system epss
scoring_elements 0.85271
published_at 2026-05-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3616
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3616
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3616
4
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html
5
reference_url http://www.debian.org/security/2014/dsa-3029
reference_id
reference_type
scores
url http://www.debian.org/security/2014/dsa-3029
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1142573
reference_id 1142573
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1142573
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=761940
reference_id 761940
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=761940
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3616
reference_id CVE-2014-3616
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2014-3616
12
reference_url https://security.gentoo.org/glsa/201502-06
reference_id GLSA-201502-06
reference_type
scores
url https://security.gentoo.org/glsa/201502-06
13
reference_url https://usn.ubuntu.com/2351-1/
reference_id USN-2351-1
reference_type
scores
url https://usn.ubuntu.com/2351-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
purl pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-asr7-uwpu-a7a5
6
vulnerability VCID-bana-j1wy-cfdy
7
vulnerability VCID-c4ta-jqmg-wfgf
8
vulnerability VCID-c9ym-ckeq-63dq
9
vulnerability VCID-cbn4-utmp-n7ba
10
vulnerability VCID-cjx4-a19z-xufq
11
vulnerability VCID-dmv4-ydq9-a7eq
12
vulnerability VCID-e49f-y1ky-5yb4
13
vulnerability VCID-eb23-pd25-yqg3
14
vulnerability VCID-fgaf-wqmd-gqf3
15
vulnerability VCID-jtgk-h6v6-2fgs
16
vulnerability VCID-kcsp-h1s5-wbea
17
vulnerability VCID-m1y8-m8z6-kyg9
18
vulnerability VCID-nckn-qkc8-t7ge
19
vulnerability VCID-p933-hxvk-37bk
20
vulnerability VCID-pmrf-dxst-p7a7
21
vulnerability VCID-qzcz-zvv6-dyda
22
vulnerability VCID-rsr7-p977-tycc
23
vulnerability VCID-u25m-v3f6-23dk
24
vulnerability VCID-u8aq-2qhu-gff5
25
vulnerability VCID-uqb5-ensa-8yht
26
vulnerability VCID-wc3j-5xmu-kyex
27
vulnerability VCID-x8ck-rceh-ukdw
28
vulnerability VCID-y3tg-7fge-1yfy
29
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.2.1-2.2%252Bwheezy4
1
url pkg:deb/debian/nginx@1.6.2-5
purl pkg:deb/debian/nginx@1.6.2-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-e49f-y1ky-5yb4
12
vulnerability VCID-eb23-pd25-yqg3
13
vulnerability VCID-fgaf-wqmd-gqf3
14
vulnerability VCID-jtgk-h6v6-2fgs
15
vulnerability VCID-kcsp-h1s5-wbea
16
vulnerability VCID-nckn-qkc8-t7ge
17
vulnerability VCID-p933-hxvk-37bk
18
vulnerability VCID-qzcz-zvv6-dyda
19
vulnerability VCID-rsr7-p977-tycc
20
vulnerability VCID-u8aq-2qhu-gff5
21
vulnerability VCID-uqb5-ensa-8yht
22
vulnerability VCID-wc3j-5xmu-kyex
23
vulnerability VCID-y3tg-7fge-1yfy
24
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5
aliases CVE-2014-3616
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x8ck-rceh-ukdw
33
url VCID-y3tg-7fge-1yfy
vulnerability_id VCID-y3tg-7fge-1yfy
summary ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-36309
reference_id
reference_type
scores
0
value 0.00423
scoring_system epss
scoring_elements 0.61963
published_at 2026-04-01T12:55:00Z
1
value 0.00423
scoring_system epss
scoring_elements 0.62034
published_at 2026-04-02T12:55:00Z
2
value 0.00423
scoring_system epss
scoring_elements 0.62065
published_at 2026-04-04T12:55:00Z
3
value 0.00423
scoring_system epss
scoring_elements 0.62035
published_at 2026-04-07T12:55:00Z
4
value 0.00423
scoring_system epss
scoring_elements 0.62084
published_at 2026-04-08T12:55:00Z
5
value 0.00423
scoring_system epss
scoring_elements 0.62102
published_at 2026-04-09T12:55:00Z
6
value 0.00423
scoring_system epss
scoring_elements 0.62122
published_at 2026-04-24T12:55:00Z
7
value 0.00423
scoring_system epss
scoring_elements 0.62111
published_at 2026-04-12T12:55:00Z
8
value 0.00423
scoring_system epss
scoring_elements 0.6209
published_at 2026-04-13T12:55:00Z
9
value 0.00423
scoring_system epss
scoring_elements 0.62134
published_at 2026-04-16T12:55:00Z
10
value 0.00423
scoring_system epss
scoring_elements 0.6214
published_at 2026-05-11T12:55:00Z
11
value 0.00423
scoring_system epss
scoring_elements 0.62125
published_at 2026-04-21T12:55:00Z
12
value 0.00423
scoring_system epss
scoring_elements 0.62138
published_at 2026-04-26T12:55:00Z
13
value 0.00423
scoring_system epss
scoring_elements 0.62131
published_at 2026-04-29T12:55:00Z
14
value 0.00423
scoring_system epss
scoring_elements 0.62077
published_at 2026-05-05T12:55:00Z
15
value 0.00423
scoring_system epss
scoring_elements 0.62127
published_at 2026-05-07T12:55:00Z
16
value 0.00423
scoring_system epss
scoring_elements 0.62186
published_at 2026-05-09T12:55:00Z
17
value 0.00423
scoring_system epss
scoring_elements 0.62166
published_at 2026-05-12T12:55:00Z
18
value 0.00423
scoring_system epss
scoring_elements 0.62222
published_at 2026-05-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-36309
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986787
reference_id 986787
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986787
3
reference_url https://usn.ubuntu.com/5371-1/
reference_id USN-5371-1
reference_type
scores
url https://usn.ubuntu.com/5371-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3
purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2cu7-pyw5-t3dm
1
vulnerability VCID-3czf-dtzg-8kdm
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-fmvd-vyt7-mkfk
4
vulnerability VCID-kpjx-rrjs-subs
5
vulnerability VCID-sxf9-qr1j-u3et
6
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3
aliases CVE-2020-36309
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y3tg-7fge-1yfy
34
url VCID-yu2j-f4q9-bbcx
vulnerability_id VCID-yu2j-f4q9-bbcx
summary nginx: buffer overflow in ngx_gmtime() triggered by 5 digit years
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-20005.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-20005.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-20005
reference_id
reference_type
scores
0
value 0.0325
scoring_system epss
scoring_elements 0.8726
published_at 2026-05-14T12:55:00Z
1
value 0.0325
scoring_system epss
scoring_elements 0.87065
published_at 2026-04-01T12:55:00Z
2
value 0.0325
scoring_system epss
scoring_elements 0.87075
published_at 2026-04-02T12:55:00Z
3
value 0.0325
scoring_system epss
scoring_elements 0.87134
published_at 2026-04-21T12:55:00Z
4
value 0.0325
scoring_system epss
scoring_elements 0.87138
published_at 2026-04-18T12:55:00Z
5
value 0.0325
scoring_system epss
scoring_elements 0.87153
published_at 2026-04-24T12:55:00Z
6
value 0.0325
scoring_system epss
scoring_elements 0.87159
published_at 2026-04-26T12:55:00Z
7
value 0.0325
scoring_system epss
scoring_elements 0.8716
published_at 2026-04-29T12:55:00Z
8
value 0.0325
scoring_system epss
scoring_elements 0.8718
published_at 2026-05-05T12:55:00Z
9
value 0.0325
scoring_system epss
scoring_elements 0.87196
published_at 2026-05-07T12:55:00Z
10
value 0.0325
scoring_system epss
scoring_elements 0.87215
published_at 2026-05-09T12:55:00Z
11
value 0.0325
scoring_system epss
scoring_elements 0.8721
published_at 2026-05-11T12:55:00Z
12
value 0.0325
scoring_system epss
scoring_elements 0.87225
published_at 2026-05-12T12:55:00Z
13
value 0.0325
scoring_system epss
scoring_elements 0.87094
published_at 2026-04-04T12:55:00Z
14
value 0.0325
scoring_system epss
scoring_elements 0.87087
published_at 2026-04-07T12:55:00Z
15
value 0.0325
scoring_system epss
scoring_elements 0.87108
published_at 2026-04-08T12:55:00Z
16
value 0.0325
scoring_system epss
scoring_elements 0.87115
published_at 2026-04-09T12:55:00Z
17
value 0.0325
scoring_system epss
scoring_elements 0.87128
published_at 2026-04-11T12:55:00Z
18
value 0.0325
scoring_system epss
scoring_elements 0.87123
published_at 2026-04-12T12:55:00Z
19
value 0.0325
scoring_system epss
scoring_elements 0.87118
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-20005
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-20005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-20005
3
reference_url https://github.com/nginx/nginx/commit/0206ebe76f748bb39d9de4dd4b3fce777fdfdccf
reference_id 0206ebe76f748bb39d9de4dd4b3fce777fdfdccf
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/
url https://github.com/nginx/nginx/commit/0206ebe76f748bb39d9de4dd4b3fce777fdfdccf
4
reference_url https://trac.nginx.org/nginx/ticket/1368
reference_id 1368
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/
url https://trac.nginx.org/nginx/ticket/1368
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1974192
reference_id 1974192
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1974192
6
reference_url https://github.com/nginx/nginx/commit/b900cc28fcbb4cf5a32ab62f80b59292e1c85b4b
reference_id b900cc28fcbb4cf5a32ab62f80b59292e1c85b4b
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/
url https://github.com/nginx/nginx/commit/b900cc28fcbb4cf5a32ab62f80b59292e1c85b4b
7
reference_url http://nginx.org/en/CHANGES
reference_id CHANGES
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/
url http://nginx.org/en/CHANGES
8
reference_url https://lists.debian.org/debian-lts-announce/2021/06/msg00009.html
reference_id msg00009.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/
url https://lists.debian.org/debian-lts-announce/2021/06/msg00009.html
9
reference_url https://security.netapp.com/advisory/ntap-20210805-0006/
reference_id ntap-20210805-0006
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/
url https://security.netapp.com/advisory/ntap-20210805-0006/
10
reference_url https://usn.ubuntu.com/5109-1/
reference_id USN-5109-1
reference_type
scores
url https://usn.ubuntu.com/5109-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-9hzg-r1fj-pubf
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-c9ym-ckeq-63dq
6
vulnerability VCID-cbn4-utmp-n7ba
7
vulnerability VCID-dmv4-ydq9-a7eq
8
vulnerability VCID-eb23-pd25-yqg3
9
vulnerability VCID-kcsp-h1s5-wbea
10
vulnerability VCID-u8aq-2qhu-gff5
11
vulnerability VCID-wc3j-5xmu-kyex
12
vulnerability VCID-y3tg-7fge-1yfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4
aliases CVE-2017-20005
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yu2j-f4q9-bbcx
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0.7.67-3%252Bsqueeze4%252Bdeb6u1